Advertisement
Cipher Algorithm
HMAC Algorithm
Certificate
Authentication
Certificate Source
Server CA
Server Certificate
Mode
Accept VPN
Connections on
VPN Access Control
Mode
Select the desired cipher algorithm. Two encryption algorithms are
supported: AES128 and AES256. AES256 is more secure than AES128
but may result in lower performance because it incurs higher
computational overhead.
HMAC stands for Hash-based Message Authentication Code. It is used
to validate the data integrity and authenticity of the VPN data.
Select the desired HMAC hash algorithm. Two hash algorithms, SHA1
and SHA256, are supported. SHA256 is preferred as it is more robust
and reliable than SHA1.
Switch the toggle to enable if you would like to validate that the client
certificate was issued by a trusted CA.
Select a source for the certificate to be used for OpenVPN.
Select from Existing Certificates – Third-party certificates will be
used for OpenVPN.
Router Generate Certificates – Router-generated certificates that
will be used for OpenVPN.
Use the dropdown list to select the trust CA certificate that has
already been uploaded to the router.
To upload more Trusted CA certificates to the router, go to Certificate
Configuration>>Certificates page and click the Trusted CA tab for
obtaining more certificates.
Use the dropdown list to select a server certificate that has already
been uploaded to the router.
To upload more local certificates to the router, go to Certificate
Configuration>>Certificates page and click Local Certificate tab for
obtaining more certificates.
More settings –
Maximum TCP segment size (VPN MSS)
Set the maximum segment size (MSS) for different VPN types.
Auto Adjustment by WAN MTU – VPN MSS is the maximum data size
that can be sent in a single TCP packet. It should be set to a value
lower than the network's MTU to prevent fragmentation.
Manually - Please specify the MSS values for each type to avoid
packets cut by MTU during the data transmission period via the IPsec
VPN connection.
IPsec
WireGuard
OpenVPN
Listen on Interface
Select the WAN interfaces to accept OpenVPN VPN connections.
All Interfaces – Accept the VPN connections on all WAN interfaces.
Specified Interface – Customize the WAN interface, IP address, and
VPN protocols which allow the VPN connections.
+Add – Click to have a new entry setting.
VPN Access List
It can filter trusted VPN connections by setting up IP object/group
allow lists or block lists.
Allow All Connections – Accept the VPN connections from all clients.
209
Advertisement
Need help?
Do you have a question about the Vigor2136 Series and is the answer not in the manual?
Questions and answers