Virtual Private Networks (VPN) OpenVPN
Digi TransPort WR Routers User Guide
203
OpenVPN
OpenVPN is an open-source Virtual Private Network (VPN) technology that creates secure point-to-
point or site-to-site connections in routed or bridged configurations.
OpenVPN uses a custom security protocol that is Secure Socket Layer (SSL) / Transport Layer Security
(TLS) for key exchange. It uses standard encryption and authentication algorithms for data privacy
and authentication over TCP or UDP.
TransPort devices support OpenVPN 2.4 in both client and server mode with the net30, p2p, and
subnet OpenVPNtopologies.
TransPort devices support 1 OpenVPN server and up to 10 OpenVPN clients.
The OpenVPN server supports the use of either an internal user list or an external RADIUS server for
authentication using a username and password.
The OpenVPN server can push the network configuration, such as the topology and IP routes, to
OpenVPN clients. This makes OpenVPN simpler to configure as it reduces the chances of a
configuration mismatch between the client and server.
OpenVPN also supports cipher negotiation between the client and server. This means you can
configure the OpenVPN server and clients with a range of different cipher options and the server will
negotiate with the client on the cipher to use for the connection.
TransPort devices are compatible with OpenVPN running on Windows, Linux, and Mac OS X.
For more information on OpenVPN, see www.openvpn.net.
OpenVPN network interfaces
TransPort routers support several named interfaces for OpenVPN. The interface for OpenVPN server
is named ovpns. For OpenVPN clients, there are multiple interfaces named ovpnx, where x is the
index number for a particular OpenVPN client.
Routing (TUN) mode
There are two modes for running OpenVPN: routing mode, also known as TUN, and bridging mode,
also known as TAP.
In routing mode, each OpenVPN client is assigned a different IP subnet from the OpenVPN server and
other OpenVPN clients. OpenVPN clients use Network Address Translation (NAT) to route traffic from
devices connected on its LAN interfaces to the OpenVPN server.
The manner in which the IP subnets are defined depends on the OpenVPN topology in use:
OpenVPN Topology Subnet definition method
net30 Each OpenVPN client is assigned a
/30
subnet within the IP subnet specified
in the OpenVPN server configuration.
p2p Each OpenVPN client uses a point to point link. This is not available for
Windows clients.
subnet Each OpenVPN client connected to the OpenVPN server is assigned an IP
address within the IP subnet specified in the OpenVPN server configuration.
For more information on OpenVPN topologies, see OpenVPN topology.
To Next Page
Loading...
