14.1.2.9 OpenVPN Server (ovpns) - Per-client setup
271
14.1.2.9
OpenVPN Server (ovpns) - Per-client setup
A table gives you an overview of all available objects. If there are more than 10 entries,
a navigation bar will appear below the right bottom hand corner of the table where you
can page through the entries or open the table in fullscreen mode. Pick an entry by
clicking either its title or the pencil icon to enter the detail view. Add new objects by
clicking "New Entry" below the table on the left. Use the dustbin icon to delete entries.
Client's certificate Common Name
There's no need to add entries here unless OpenVPN is used to interconnect whole
networks. In this case OpenVPN must add routes to the networks behind the peer.
When a peer opens a new connection, the certificate it presents is used to associate the
corresponding remote networks. You will need the value of the certificate's "Common
Name" (CN). Enter it here.
Assigned IPv4 transfer network
In the OpenVPN server interface configuration an IP range has been reserved for the
dynamic allocation of transfer networks to clients. If you need to assign a specific IPv4
transfer network, i.e. a static IPv4 address, you can define it here.
With the IP address you enter here, you actually select a four
IP address transfer network. The client will get the third IP from
this transfer network. To figure out the client's actual IP, please
proceed as follows: If the last number of the IP address is not a
multiple of four, replace it by the next smaller number which is a
multiple of four. Add two and you get the client's IP.
The transfer network may not be in use otherwise. In particular it
must not be part of the address range which has been reserved
for dynamically assigned transfer networks.
Assigned IPv6 IP
In the OpenVPN server interface configuration an IP range has been reserved for the
dynamic allocation of transfer networks to clients. If you need to assign a specific IPv6
address, you can define it here. The corresponding /64 network is configured as transfer
network.