5 = helps with debugging connection problems

 

9 = extremely verbose, excellent for troubleshooting

dev tun

Select ‘dev tun’ to create a routed IP tunnel or ‘dev tap’ to create an

dev tap

Ethernet tunnel. The client and server must use the same settings.

remote <host>

The hostname/IP of OpenVPN server when operating as a client. Enter

 

either the DNS hostname or the static IP address of the server.

Port

The UDP/TCP port of the server.

Keepalive

Keepalive uses ping to keep the OpenVPN session alive. 'Keepalive 10

 

120' pings every 10 seconds and assumes the remote peer is down if no

 

ping has been received over a 120 second time period.

http-proxy <proxy

If a proxy is required to access the server, enter the proxy server DNS

server> <proxy port #>

name or IP and port number.

ca <file name>

Enter the CA certificate file name and location.

 

The same CA certificate file can be used by the server and all clients.

 

Note: Ensure each ‘\’ in the directory path is replaced with ‘ \\’. For

 

example, c:\openvpnkeys\ca.crt will become c:\\openvpnkeys\\ca.crt

cert <file name>

Enter the client’s or servers’s certificate file name and location.

 

Each client should have its own certificate and key files.

 

Note: Ensure each ‘\’ in the directory path is replaced with ‘ \\’.

key <file name>

Enter the file name and location of the client’s or server’s key.

 

Each client should have its own certificate and key files.

 

Note: Ensure each ‘\’ in the directory path is replaced with ‘ \\’.

dh <file name>

This is used by the server only.

 

Enter the path to the key with the Diffie-Hellman parameters.

Nobind

‘Nobind’ is used when clients do not need to bind to a local address or

 

specific local port number. This is the case in most client configurations.

persist-key

This option prevents the reloading of keys across restarts.

persist-tun

This option prevents the close and reopen of TUN/TAP devices across

 

restarts.

cipher BF-CBC Blowfish

Select a cryptographic cipher. The client and server must use the same

(default)

settings.

cipher AES-128-CBC

 

AES

 

cipher DES-EDE3-CBC

 

Triple-DES

 

comp-lzo

Enable compression on the OpenVPN link. This must be enabled on both

 

the client and the server.

syslog

By default, logs are located in syslog or, if running as a service on

 

Window, in \Program Files\OpenVPN\log directory.

To initiate the OpenVPN tunnel following the creation of the client/server configuration files:

Right click on the OpenVPN icon in the Notification Area

Select the newly created client or server configuration. For example, LES1216_client

Click ‘Connect’ as shown below

_____________________________________________________________________

724-746-5500 blackbox.com

Page 75

Page 75
Image 75
Black Box LES1308A, LES1332A, LES1408A, LES144BA, LES1416A, LES1348A, LES1432A, LES1316A, LES1232A, LES1208A-R2, LES110BA Aes