VPN (OpenVPN) Setting Guide. Johnny

Academic year: 2021

(1)

VPN (OpenVPN) Setting Guide

(2)

Agenda

• Prepare

• Example for IP settings

• Static mode

(3)

Prepare

• Required equipment

 Desktop or Laptop * 2

 VPN Server * 1 (Use JetBox 5630 in this case)

 VPN Client * 1 (Use JetWave 2311 in this case)

(4)

[Figure: example IP settings, OpenVPN Server and OpenVPN Client]

Interface labels: WAN port IP: 192.168.20.2; Eth 1 IP: 192.168.20.1; Eth 2: 192.168.10.1; Eth 1 IP: 192.168.30.1

PC 1, PC 2: IP: 192.168.10.111, GW: 192.168.10.1; IP: 192.168.30.10, GW: 192.168.30.1

VPN Tunnel: Default Route IP: 192.168.20.1 <-> 192.168.20.2

VPN ifconfig: 10.8.0.1 <-> 10.8.0.2

(5)

(6)

Static mode

• Server IP settings

 Set up the IP addresses for WAN & LAN in “Network” => “Settings”

 Click “Save & Apply” after setting up the IP addresses

(7)

Static mode

• Server IP settings (For PC)

 Set the Desktop (or Laptop) which is connected to the server to an IP address in the same IP domain (subnet) as the server

(8)

Static mode

• Create a new VPN connection

 Go to “VPN”=> “OpenVPN”

(9)

Static mode

• Setup VPN connection for server

1. Choose “secret” for Encryption

2. Click “Generate”

(10)

Static mode

• Setup VPN connection

3. Click the file icon and choose “static.key”

4. Check the three options

(11)

Static mode

• Setup VPN connection

5. Add “Port”, “keepalive” & “route” one by one in “Additional Field”

6. “Port” and “keepalive” don’t need to be modified, route should be same

(12)

Static mode

• Download Key

 Go to “VPN” => “Certificates”

 Click “Download archive”

(13)

Static mode

• Start the OpenVPN connection which you created

 Back to “OpenVPN” page

(14)

Static mode

• Modify the Client Network Mode

 Go to “System”=> “Basic Settings”, Change “Network Mode” to “Router” and press “Apply”

(15)

Static mode

• Client IP settings

 Go to “System” => “IP Settings”, set up the IP addresses for WAN & LAN, and then click “Apply”

(16)

Static mode

• Client IP settings (For PC)

 Set the Desktop (or Laptop) which is connected to the client to an IP address in the same IP domain (subnet) as the client

(17)

Static mode

• Client import Key

 Copy the keys file which you downloaded from the server to the PC which is connected to the client

 Go to “Management” => “Certificate File”

 Import “static.key” to the client

(18)

Static mode

• Client time settings

 Go to “System”=> “Time Settings”

(19)

Static mode

• Setup VPN connection for client

 Go to “VPN” => “OpenVPN Client”

 Choose “Static” for Encryption Mode

(20)

Static mode

• Setup VPN connection for client

 Page down

(21)

Static mode

• Enable VPN connection for client

 Page up

(22)

Static mode

• Enable VPN connection for client

 Page down

 Click “Apply”

(23)

Static mode

• Save settings for client

 Go to “Save”

(24)

Static mode

• Confirm VPN connection status

 Go to “VPN”=> “Status”, you can check out the status of VPN connection

(25)

(26)

• Server IP settings

 Set up the IP addresses for WAN & LAN in “Network” => “Settings”

 Click “Save & Apply” after setting up the IP addresses

(27)

• Server IP settings (For PC)

 Set the Desktop (or Laptop) which is connected to the server to an IP address in the same IP domain (subnet) as the server

 Gateway should be LAN port IP address of your server (JetBox 5630).

(28)

TLS-Mode

• Create a new VPN connection

 Go to “VPN”=> “OpenVPN”

(29)

TLS-Mode

• Build Keys for VPN connection

 Keys for TLS-Mode can’t be built in the web interface; they must be created from command mode

 Connect the PC and the JetBox 5630 with a console cable, or use Telnet in CMD

(30)

TLS-Mode

(1024 or 2048)

• Build Keys for VPN connection

 Enter “cd /etc/openvpn/easy-rsa/2.0”

 Enter “vi vars” to modify the vars file; you can skip this if you don’t want to change it

(31)

• Build Keys for VPN connection

 Enter “. ./vars” (set up vars) //Notice: there is a blank between the two dots

 Enter “./clean-all” (removes all keys which were created before)

(32)

• Build Keys for VPN connection – ca

 Enter “./build-ca”; you can press ENTER to skip “Country name”, “State”, etc. if you don’t want to change them

(33)

• Build Keys for VPN connection - Server

 Enter “./build-key-server server”; you can press ENTER to skip “Country name”, “State”, etc. if you don’t want to change them

 At “Sign the certificate” & “1 out of 1 certificate requests certified, commit?”, press “y” and then press ENTER

(34)

• Build Keys for VPN connection - Client

 Enter “./build-key client”

 At “Sign the certificate” & “1 out of 1 certificate requests certified, commit?”, press “y” and then press ENTER

(35)

• Build Keys for VPN connection - DH (Diffie Hellman parameters)

 Enter “./build-dh”

(36)

• Download Keys

 Access the web interface of the JetBox 5630

 Go to “VPN” => “Certificates” click “Download archive”

(37)

• Modify Key

 Extract the keys file which you downloaded from the server to the desktop, and go to “Keys” as in the picture below

 Create a new folder named client, and put client.crt & client.key in that folder

(38)

• Setup VPN connection for server

 Check “Automatically Start after reboot”

 Choose “tls-mode” for Encryption

 Choose the correct keys for “ca”, “dh”, “cert” & “key” as in the picture below

(39)

• Setup VPN connection for server

1. Check the three options

2. Add “Port”, “keepalive” & “route” one by one in “Additional Field”

3. “Port” and “keepalive” don’t need to be modified; the push route should be in the same domain as the LAN IP address of the server

(40)

• Server route settings

 Go back to the 5630 command mode

 Enter “cd /etc/openvpn/” and press ENTER

 Enter “vi (the name which you chose on page 37).conf”

(41)

• Server route settings

 Press “i” on your keyboard

 Move the cursor to just after “auth SHA1”, press ENTER to start a new line and enter:

• client-config-dir ccd

• route 192.168.10.0 255.255.255.0 //client IP domain

 Press ESC when you finish

 Enter “:wq”

(42)

• Server route settings

 Enter “mkdir ccd” //create the “ccd” folder

 Enter “cd ccd” //go to “ccd”

 Enter “vi client”

(43)

• Server route settings

 Press “i” on your keyboard and enter:

• ifconfig-push 10.8.0.3 10.8.0.1

• iroute 192.168.10.0 255.255.255.0

 Press ESC when you finish

 Enter “:wq”
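The two files edited in the server route settings above, written to a scratch directory together with a consistency check, as an added example that is not part of the original guide: OpenVPN only forwards a client subnet when the “iroute” in the ccd file has a matching “route” in the server config. The file name server.conf, the function names and the scratch directory are assumptions.

```shell
#!/bin/sh
# Added example: write the guide's server route settings into a scratch
# directory and check that every ccd "iroute" has a matching "route".
# "server.conf" and the scratch directory are assumed names.

write_sample() {    # $1 = directory to fill with the constructed sample
    mkdir -p "$1/ccd"
    cat > "$1/server.conf" <<'EOF'
auth SHA1
client-config-dir ccd
route 192.168.10.0 255.255.255.0
EOF
    cat > "$1/ccd/client" <<'EOF'
ifconfig-push 10.8.0.3 10.8.0.1
iroute 192.168.10.0 255.255.255.0
EOF
}

# check_iroutes CONF: print each problem; return non-zero if any was found.
check_iroutes() {
    conf=$1
    ccd=$(awk '$1 == "client-config-dir" { print $2; exit }' "$conf")
    [ -n "$ccd" ] || { echo "no client-config-dir in $conf"; return 1; }
    # assumption: a relative ccd path sits beside the config file, as in the guide
    case $ccd in /*) ;; *) ccd=$(dirname "$conf")/$ccd ;; esac
    status=0
    for f in "$ccd"/*; do
        [ -f "$f" ] || continue
        while read -r net mask; do
            [ -n "$net" ] || continue
            # the server config must carry the same network as a "route"
            if ! awk -v n="$net" -v m="$mask" '
                    $1 == "route" && $2 == n && $3 == m { ok = 1 }
                    END { exit !ok }' "$conf"; then
                echo "$(basename "$f"): iroute $net $mask has no route in $conf"
                status=1
            fi
        done <<EOF
$(awk '$1 == "iroute" { print $2, $3 }' "$f")
EOF
    done
    return $status
}

# Demo on the constructed sample
demo=$(mktemp -d)
write_sample "$demo"
check_iroutes "$demo/server.conf" && echo "ccd iroutes match server routes"
rm -rf "$demo"
```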

(44)

• Start the OpenVPN connection which you created

 Back to “OpenVPN” page

 Click “Start”, and then click “Save & Apply”

(45)

• Modify the Client Network Mode

 Go to “System”=> “Basic Settings”, Change “Network Mode” to “Router” and press “Apply”

(46)

• Client IP setting

 Go to “System” => “IP Settings”, set up the IP addresses for WAN & LAN, and then click “Apply”

(47)

• Client IP settings (For PC)

 Set the Desktop (or Laptop) which is connected to the client to an IP address in the same IP domain (subnet) as the client

 Gateway should be LAN port IP address of your client (JetWave 2311)

(48)

TLS-Mode

• Client import Key

 Copy the keys file which you downloaded from the server to the PC which is connected to the client

 Go to “Management”=> “Certificate File”

(49)

• Client time settings

 Go to “System”=> “Time Settings”

 Click “Get PC Time”, and then click “Apply”

(50)

• Setup VPN connection for client

 Go to “VPN” => “OpenVPN Client”

 Choose “TLS” for Encryption Mode

 Remote Server IP (1): Insert IP address of Server WAN port

(51)

• Setup VPN connection for client

 Page down

 Route: should be in the same domain as the LAN IP address of the Server

(52)

• Enable VPN connection for client

 Page up

 Check “Enable OpenVPN Client Connection”

(53)

• Enable VPN connection for client

 Page down

 Click “Apply”

(54)

• Save settings for client

 Go to “Save”

 Click “Save to Flash”

(55)

• Confirm VPN connection status

 Go to “VPN”=> “Status”, you can check out the status of VPN connection

(56)
