Table of Contents
Advertisement
You can set custom settings here according to your VPN needs. Below is summary of parameters available to set:
Field name
1.
Enabled
2.
TUN/TAP
3.
Protocol
4.
Port
5.
LZO
6.
Authentication
7.
Remote host IP
address
8.
Resolve Retry
9.
Keep alive
10.
Local tunnel
endpoint
11.
Remote tunnel
endpoint
12.
Remote
network IP
address
13.
Remote
network IP
netmask
After setting any of these parameters press "Save" button. Some of selected parameters will be shown in the
configuration list table. You should also be aware of the fact that router will launch separate OpenVPN service for every
configuration entry (if it is defined as active, of course) so the router has ability to act as server and client at the same
time.
Explanation
Switches configuration on and off. This must be selected to make configuration active.
Selects virtual VPN interface type. TUN is most often used in typical IP-level VPN connections,
however, TAP is required to some Ethernet bridging configurations.
Defines a transport protocol used by connection. You can choose here between TCP and UDP.
defines TCP or UDP port number (make sure, that this port allowed by firewall).
This setting enables LZO compression. With LZO compression, your VPN connection will
generate less network traffic; however, this means higher router CPU loads. Use it carefully
with high rate traffic or low CPU resources.
Sets authentication mode, used to secure data sessions. Two possibilities you have here:
"Static" means, that OpenVPN client and server will use the same secret key, which must be
uploaded to the router using "Static pre-shared key" option. "Tls" authentication mode uses
X.509 type certificates. Depending on your selected OpenVPN mode (client or server) you have
to upload these certificates to the router:
For client: Certificate Authority (CA), Client certificate, Client key.
For server: Certificate Authority (CA), Server certificate, Server key and Diffie-Hellman (DH)
certificate used to key exchange through unsafe data networks.
All mention certificates can be generated using OpenVPN or OpenSSL utilities on any type host
machine. Certificate generation and theory is out of scope of this user manual.
IP address of OpenVPN server (applicable only for client configuration).
Sets time in seconds to try to resolve server hostname periodically in case of first resolve
failure before generating service exception.
Defines two time intervals: one is used to periodically send ICMP request to OpenVPN server,
and another one defines a time window, which is used to restart OpenVPN service, if no ICPM
request is received during the window time slice.
IP address of virtual local network interface (applicable only for point to point connections).
IP address of virtual remote network interface.
IP address of remote virtual network.
Subnet mask of remote virtual network.
46
- Quick Links:
- Logging in
Hide quick links:
Advertisement
Table of Contents
