(12.4.1-en) OpenVPN Session in IGEL OS12
This article shows how to configure the authentication of the OpenVPN session in IGEL OS.
Menu path: Network > VPN > OpenVPN > [OpenVPN Connection] > Session
Â
Â
OpenVPN server(s)
Name or public IP address of the OpenVPN server. You can enter multiple values separated by commas.
Authentication type
TLS-Certificates: Authentication with user certificate and private key.
Name/Password: Authentication with user name and password.
Name/Password with TLS-Certificates: Combines name/password with user certificate.
Static Key: Authentication with a private key. No PKI infrastructure is needed for this.
TLS Certificates Authentication Type
Persistent storage of files is possible in the folder /wfs
 resp. subfolders of /wfs
 only.
Files stored under other paths will be lost when the device is rebooted.
Â
Client certificate file
File with the client certificate. Enter a path relative to /wfs/OpenVPN
.
Â
CA certificate file
File with the CA certificate. Enter a path relative to /wfs/OpenVPN
.
Â
Private key file
File with the private key. Enter a path relative to /wfs/OpenVPN
.
Â
Private key password
Password in case one is set for the private key.
If you have a PKCS#12 file which contains the client certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.
Â
Name/Password Authentication Type
User name
User name - if you leave this field empty, the user will be asked for it when establishing a connection.
Â
Password required
☑ The user must enter a password. (Default)
Â
Password
Password - if you leave this field empty, the user will be asked for it when establishing a connection.
Â
CA certificate file
File with the CA certificate. Enter a path relative to /wfs/OpenVPN
.
Name/Password with TLS-Certificates Authentication Type
User name
User name - if you leave this field empty, the user will be asked for it when establishing a connection.
Â
Password required
☑ The user must enter a password. (Default)
Â
Password
Password - if you leave this field empty, the user will be asked for it when establishing a connection.
Â
Client certificate file
File with the user certificate. Enter a path relative to /wfs/OpenVPN
.
CA certificate file
File with the CA certificate. Enter a path relative to /wfs/OpenVPN
.
Â
Private key file
File with the private key. Enter a path relative to /wfs/OpenVPN
.
Â
Private key password
Password in case one is set for the private key.
If you have a PKCS#12 file which contains the user certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.
Static Key Authentication Type
Private key file
File with the static key. Enter a path relative to /wfs/OpenVPN
.
Â
Key Direction
None: No key direction. (Default)
0: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.
1: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.
Â
Remote IP address
The VPN IP address of the server
Â
Local IP address
The VPN IP address of the client