Table 19: OpenVPN Server
OpenVPN® Client Configuration
There are two ways to use the GWN70xx as an OpenVPN® client:
1. Upload client certificate created from an OpenVPN® server to GWN70xx.
2. Create client/server certificates on GWN70xx and upload the server certificate to the OpenVPN® server.
Go to Go to “
VPN
→
VPN Clien
t” and follow the steps below:
Click on
button. The following window will pop up.
using same algorithm.
Digest Algorithm
Choose digest algorithm from the dropdown list, which will uniquely identify the data to provide data
integrity and ensure that the receiver has an unmodified data from the one sent by the original host.
TLS Identicy
Authentication
This option uses a static Pre-Shared Key (PSK) that must be generated in advance and shared among all
peers.
This feature adds extra protection to the TLS channel by requiring that incoming packets have a valid
signature generated using the PSK key.
Allow Duplicate Client
Certificates
Click on "
ON
" to allow duplicate Client Certificates
CA Certificate
Select a generated CA from the dropdown list or add one.
Server Certificate
Select a generated Server Certificate from the dropdown list or add one.
IPv4 Tunnel Network
Enter the network range that the GWN70xx will be serving from to the OpenVPN® client.
Note:
The network format should be the following 10.0.10.0/16.
The mask should be at least 16 bits.
Redirect Gateway
When redirect-gateway is used, OpenVPN® clients will route DNS queries through the VPN, and the
VPN server will need to handle them.
Push Routes
Specify route(s) to be pushed to all clients.
Example: 10.0.0.1/8
LZO Compression
Select whether to activate LZO compression or no, if set to “Adaptive”, the server will make the decision
whether this option will be enabled or no.
Allow Peer to Change IP
Allow remote change the IP and/or Port, often applicable to the situation when the remote IP address
changes frequently.
