P a g e
|
90
GWN7000 User Manual
Version 1.0.6.28
Table 29: OpenVPN® Client
Field
Description
Enable
Click on the checkbox to enable the OpenVPN® client feature.
VPN Name
Enter a name for the OpenVPN® client.
Protocol
Choose the Transport protocol from the dropdown list, either TCP or
UDP. The default protocol is UDP.
Interface
Select the interface used to connect the GWN7000 to the uplink,
either WAN1, WAN2.
Local Port
Configure the listening port for OpenVPN® server. Default is 1194.
Destination
Choose to which destination group or WAN to allow traffic from the
VPN, this will generate automatically a forwarding rule under the
menu
Firewall
→
Traffic
Rules
→
Forward.
Remote OpenVPN® Server
Configure the remote OpenVPN® server IP address.
Remote OpenVPN® Server
Port
Configure the remote OpenVPN® server port.
Local TUN IP address
Configures statically the local VPN tunnel IP address for the client.
Remote TUN IP address
Configures statically the local VPN tunnel IP address for the remote
server.
Auth Mode
Choose the server mode the OpenVPN® server will operate with, 4
modes are available:
•
PSK:
used to establish a point-to-point OpenVPN®
configuration. A VPN tunnel will be created with a server
endpoint of a specified IP and a client endpoint of specified
IP. Encrypted communication between client and server will
occur over UDP port 1194, the default OpenVPN® port.
•
SSL:
Authentication is made using certificates only (no
user/pass authentication). Each user has a unique client
configuration that includes their personal certificate and key.
This is useful if clients should not be prompted to enter a
username and password, but it is less secure as it relies
only on something the user has (TLS key and certificate).
•
User Auth:
Authentication is made using only CA, user and
password, no certificates. Useful if the clients should not
have individual certificates.
Less secure as it relies on a shared TLS key plus only
something the user knows (Username/password).
