Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

This article shows how to configure the authentication of the Open VPN session in IGEL OS.


Menu path: Network > VPN > OpenVPN > [OpenVPN Connection] > Session



OpenVPN server(s)

Name or public IP address of the OpenVPN server. You can enter multiple values separated by commas.


Authentication type

  • TLS-Certificates: Authentication with user certificate and private key.
  • Name/Password: Authentication with user name and password.
  • Name/Password with TLS-Certificates: Combines name/password with user certificate.
  • Static Key: Authentication with a private key. No PKI infrastructure is needed for this.

TLS Certificates Authentication Type

Persistent storage of files is possible in the folder /wfs resp. subfolders of /wfs only.
Files stored under other paths will be lost when the device is rebooted.


Client certificate file

File with the client certificate. Enter a path relative to /wfs/OpenVPN.


CA certificate file

File with the CA certificate. Enter a path relative to /wfs/OpenVPN.


Private key file

File with the private key. Enter a path relative to /wfs/OpenVPN.


Private key password

Password in case one is set for the private key.

If you have a PKCS#12 file which contains the client certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.


Name/Password Authentication Type

User name

User name - if you leave this field empty, the user will be asked for it when establishing a connection.


Password required

 The user must enter a password. (Default)


Password

Password - if you leave this field empty, the user will be asked for it when establishing a connection.


CA certificate file

File with the CA certificate. Enter a path relative to /wfs/OpenVPN.

Name/Password with TLS-Certificates Authentication Type

User name

User name - if you leave this field empty, the user will be asked for it when establishing a connection.


Password required

 The user must enter a password. (Default)


Password

Password - if you leave this field empty, the user will be asked for it when establishing a connection.


Client certificate file

File with the user certificate. Enter a path relative to /wfs/OpenVPN.


CA certificate file

File with the CA certificate. Enter a path relative to /wfs/OpenVPN.


Private key file

File with the private key. Enter a path relative to /wfs/OpenVPN.


Private key password

Password in case one is set for the private key.

If you have a PKCS#12 file which contains the user certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.

Static Key Authentication Type

Private key file

File with the static key. Enter a path relative to /wfs/OpenVPN.


Key Direction

  • None: No key direction. (Default)
  • 0: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.
  • 1: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.


Remote IP address

The VPN IP address of the server


Local IP address

The VPN IP address of the client

  • No labels