DEFINING TUNNELS
MultiConnect® rCell 100 MTR-EV3 User Guide
Field: Aggressive Mode
Description: Whether to allow a less secure mode that exchanges identification in
plain text. This may be used for establishing tunnels where one or more
endpoints have a dynamic public IP address. Although this mode
negotiates phase 1 faster, the authentication hash is transmitted
unencrypted, so it can be captured and subjected to a dictionary or
brute-force attack to recover the PSK.
OpenVPN Tunnels
OpenVPN is an open-source software application that implements virtual private network (VPN) techniques for
creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access
facilities. You can set up and use OpenVPN tunnels with this device.
To use OpenVPN, you must first install an OpenVPN application along with an easy-rsa tool and configure OpenVPN
on your computer. Then you must also generate the certificates for the OpenVPN server and client before
configuring the device.
To configure the OpenVPN client and server on this device, the following files are required:
The CA PEM file or CA certificate (.crt)
The Diffie Hellman PEM file (.pem)
The Server Certificate to be used by the device endpoint (.crt)
The Server/Client Key to be used by the device endpoint (.key)
Note: When you configure the OpenVPN server and client, make sure both sides use the same settings and certificates.
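A pre-upload check for the four files listed above, as an added example (not from the user guide or the device firmware): it confirms each file holds the expected PEM type, flags a CA, DH or certificate file that also carries a private key, and reads the size of the Diffie-Hellman prime. The slot names, the 2048-bit default threshold and the sample data are assumptions of this example.

```python
import base64
import re

PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)
# Slot names are assumptions for this example; they mirror the four required files.
EXPECTED = {"ca": {"CERTIFICATE"}, "dh": {"DH PARAMETERS"}, "cert": {"CERTIFICATE"},
            "key": {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY"}}

def der_len(buf, i):  # DER length field at buf[i] -> (length, offset of content)
    if buf[i] < 0x80:
        return buf[i], i + 1
    n = buf[i] & 0x7F
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def dh_prime_bits(der):
    """Bit length of p in DHParameter ::= SEQUENCE { INTEGER p, INTEGER g }."""
    _, i = der_len(der, 1)
    if der[:1] != b"\x30" or der[i:i + 1] != b"\x02":
        raise ValueError("not a SEQUENCE that starts with an INTEGER")
    n, i = der_len(der, i + 1)
    return int.from_bytes(der[i:i + n], "big").bit_length()

def preflight(files, min_dh_bits=2048):
    """files maps slot name -> PEM text; returns a list of problems (empty if clean)."""
    problems = []
    for slot, allowed in EXPECTED.items():
        blocks = PEM_RE.findall(files.get(slot, ""))
        labels = [label for label, _ in blocks]
        if not any(label in allowed for label in labels):
            problems.append(f"{slot}: no {' / '.join(sorted(allowed))} block")
        if slot != "key" and any("PRIVATE KEY" in label for label in labels):
            problems.append(f"{slot}: file also carries a private key")
        dh = [body for label, body in blocks if label == "DH PARAMETERS"]
        if slot == "dh" and dh:
            try:
                bits = dh_prime_bits(base64.b64decode("".join(dh[0].split())))
            except (ValueError, IndexError):
                bits = 0  # unparseable parameters are reported as a 0-bit prime
            if bits < min_dh_bits:
                problems.append(f"dh: {bits}-bit prime, below {min_dh_bits}")
    return problems

# Constructed samples (structure only, no real key material); make_pem wraps DER in PEM.
def make_pem(label, der):
    return f"-----BEGIN {label}-----\n{base64.b64encode(der).decode()}\n-----END {label}-----\n"

SAMPLE = {"ca": make_pem("CERTIFICATE", b"ca") + make_pem("PRIVATE KEY", b"k"),
          "dh": make_pem("DH PARAMETERS", bytes.fromhex("3008020300fffb020102")),
          "cert": make_pem("CERTIFICATE", b"srv"), "key": make_pem("CERTIFICATE", b"srv")}
print("\n".join(preflight(SAMPLE)))
```

The check inspects PEM labels and the DH structure only; it does not verify that the certificate chains to the CA or that the key matches the certificate.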
Configuration 1: OpenVPN Tunnel with TLS Authorization Mode (Device only)
This first configuration establishes the OpenVPN Tunnel connection from a device client to a device server using
TLS as Authorization Mode. This involves adding and configuring both OpenVPN Server and Client sides within the
device UI.
To add an OpenVPN Server using TLS:
1. Go to Tunnels > OpenVPN Tunnels > OpenVPN Tunnel Configuration.
2. Click Add Tunnel.
3. Enter the Name.
4. Select the Type as SERVER from the drop-down.
5. You can also enter an optional Description.
6. Under OpenVPN Tunnel Configuration, enter the following fields (using TLS as Authorization Mode):
a. Interface Type as TUN from the drop-down.
b. Authorization Mode as TLS from the drop-down.
c. Protocol as UDP.
d. VPN Subnet.
e. Port number.
f. VPN Netmask.
g. LZO Compression as ADAPTIVE from the drop-down.