Digi TransPort LR54 - Configure an Openvpn Server for Routing Mode and Certificate Authentication

Digi TransPort LR54

512 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Virtual Private Networks (VPN) OpenVPN

Digi TransPort WR Routers User Guide

204

Bridging (TAP) mode

In bridging mode, a LAN interface on the OpenVPN server is assigned to OpenVPN. The LAN interfaces

of the OpenVPN clients are on the same IP subnet as the OpenVPN server’s LAN interface. This means

that devices connected to the OpenVPN client’s LAN interface are on the same IP subnet as devices.

Additional OpenVPN information

For more information on OpenVPN, see these resources:

Bridging vs. routing

OpenVPN/Routing

Configure an OpenVPN server for routing mode and certificate

authentication

Required configuration items

n Enable the OpenVPN server. The OpenVPN server is disabled by default.

n The IP network of the OpenVPN server (only needed when using routing mode).

n The server certificate and private key parameters should be loaded onto the TransPort device

prior to using them. For more information on how to create private key files and certificates,

see Certificate and key management. The process for loading this information onto the device

varies by certificate and key type:

l Certificate authority (CA) certificate: Copy the CA certificate and the CRL onto the

TransPort device from the CA prior to using it.

l Private key and certificate: There are two options to install a private key and certificate

on the TransPort device:

o

Use the pki commands pki privkey and pki csr to generate the private key and

certificate, copy the CRS to an external system to get it signed, then copy the signed

certificate back onto the TransPort device.

o

Generate the private key and certificate, fully signed, on an external system and copy

them onto the TransPort device. Use pki addkey command to import the private key

into the private key store.

l If using a Diffie-Hellman (DH) file: There are two options to install a DH file on the

TransPort device:

o

Generate the DH file using the pki dh-file command on the TransPort device.

o

Generate a DH file on an external system and copy it onto the TransPort device.

Optional configuration items

A description of the OpenVPN server.

n The OpenVPN topology. By default, net30 is used.

n A subnet mask for the network when in routing mode.

n A primary and secondary DNS server.

n The ciphers and digest used by the OpenVPN server. For more information, see Configure

ciphers and digests for use on the OpenVPN tunnel.

Table of Contents

Other manuals for Digi TransPort LR54

Hardware Reference21 pages

Quick Start Guide2 pages

Related product manuals

Preview: Digi TransPort

Preview: Digi TransPort WR31

Digi TransPort WR31

Preview: Digi TransPort WR11

Digi TransPort WR11

Preview: Digi TransPort WR21

Digi TransPort WR21

Preview: Digi TransPort WR44

Digi TransPort WR44

Preview: Digi TransPort WR41

Digi TransPort WR41

Preview: Digi WR54

Preview: Digi IX10

Digi Connect WAN

Digi Connect IT 4

Preview: Digi Connect Series

Digi Connect Series

Preview: Digi AnywhereUSB Series

Digi AnywhereUSB Series