Virtual Private Networks (VPN)
5. If tap or tun are set for device_type:
a. Set the IP address and subnet mask of the OpenVPN server.
(config vpn openvpn server name)> address ip_address/netmask
(config vpn openvpn server name)>
b. Set the firewall zone for the OpenVPN server. For TUN device types, this should be set to
internal to treat clients as LAN devices.
(config vpn openvpn server name)> zone value
(config vpn openvpn server name)>
To view a list of available zones:
(config vpn openvpn server name)> firewall zone ?
Zone: The zone for the local TUN interface. To treat clients as LAN
devices this would usually be
set to internal.
Format:
any
dynamic_routes
edge
external
hotspot
internal
ipsec
loopback
setup
Current value:
(config vpn openvpn server name)>
c. (Optional) Set the route metric for the OpenVPN server. If multiple active routes match a
destination, the route with the lowest metric will be used.
(config vpn openvpn server name)> metric value
(config vpn openvpn server name)>
where value is an interger between 0 and 65535. The default is 0.
d. (Optional) Set the range of IP addresses that the OpenVPN server will use when providing
IP addresses to clients:
i. Set the first address in the range limit:
(config vpn openvpn server name)> server_first_ip value
(config vpn openvpn server name)>
where value is a number between 1 and 255. The number entered here will represent
the first client IP address. For example, if address is set to 192.168.1.1/24 and
server_first_ip is set to 80, the first client IP address will be 192.168.1.80.
The default is from 80.
IX20 User Guide
OpenVPN
551