Application Examples
R&S
®
GP-E/GP-S
192User Manual v16.2.1 ─ 01
8. Specify the OpenVPN "Port" to which clients should connect.
9. Specify the "Key Renegotiation" time (in seconds) after which the session key will
be renegogiated.
10. Select the VPN "Certificate" created earlier and enter its password, if applicable.
(See Chapter 4.12.3.1, "Creating a VPN Certificate", on page 187.)
11. Select the method to use for user "Authentication" in the connection.
(See Chapter 4.12.3.2, "Configuring Authentication", on page 188.)
12. Enter the "Network IP Address" to specify the subnet from which the VPN client will
receive an IP address.
13. Under "DHCP Start IP" and "DHCP End IP" , specify the range of IP addresses to
be assigned to VPN clients.
14. Click "Create" to add the new VPN to the list of available connections.
15.
Click "
Activate" in the toolbar at the top of the desktop to apply your configura-
tion changes.
The remaining settings depend on the client.
The client has to be set up with the following mandatory settings that must not be
changed:
●
Encryption key: cipher AES-128-CBC
●
Virtual network interface: dev tap
Furthermore, the client needs to know the CA certificate and the VPN certificate to be
able to connect with the server.
You can now create firewall rules for VPN access as described under Chapter 3.3,
"Firewall Rule Settings", on page 22.
4.12.4 Setting Up a Site-to-Site VPN via OpenVPN
gateprotect Firewall can be used to connect two remote network sites (such as a com-
pany »headquarters« and a branch office or »subsidiary«) via a virtual private network.
To create a Site-to-Site VPN connection between two remote site networks as descri-
bed below, you need at least two gateprotect Firewall systems. The particular models
are not important as long as each can handle the desired number of VPN users.
VPN Setup Examples
To Next Page
Loading...