Setting Up SSL-VPN Server
Posted: 19 Jun, 2012
by: Knowledge M.
Updated: 17 Apr, 2013
by: Knowledge M.
To create an SSL VPN Server:
- Go to Connectivity >> SSL VPN >> Server
- Click on 'Add New' button
- Uncheck the Disable this Server check box if it is checked.
- Select Server mode
A) If the selected Server Mode is Peer to Peer (SSL/TLS)
General information
- Select Server Mode : Peer to Peer (SSL/TLS)
- Select Protocol : UDP
- Device Mode : tun
- Interface : WAN
- Local Port : 1194
- Enter a Description for the Server
Cryptographic Settings
- Check "Enable authentication of TLS packets" (if TLS authentication is needed)
- Select "Peer Certificate Authority"
- Select Server Certificate
- Select DH Parameters Length : 1024 bits
- Encryption algorithm : AES-128-CBC (128-bit)
Tunnel Settings
- Enter Tunnel Network : This is the virtual network that is used for the communications between server and client.
- Check 'Redirect Gateway' if you want to redirect the entire traffic from the client through the tunnel
- Local Network : Specify the network to which the VPN is to be connected. By default it is the network connected to the LAN interface.
- Remote Network : Enter the network that will be routed through the tunnel, so that a site-to-site VPN can be established without manually changing the routing tables
- Concurrent Connections : Enter the Number of Concurrent Connections that can be made to the server
- Compression : Check 'Compress tunnel packets using the LZO algorithm.'
- Click Save
B) If the selected Server Mode is Remote Access (SSL/TLS)
General information
- Select Server Mode : Remote Access (SSL/TLS)
- Select Protocol : UDP
- Device Mode : tun
- Interface : WAN
- Local Port : 1194
- Enter a Description for the Server
Cryptographic Settings
- Check "Enable authentication of TLS packets" (if TLS authentication is needed)
- Select "Peer Certificate Authority"
- Select Server Certificate
- Select DH Parameters Length : 1024 bits
- Encryption algorithm : AES-128-CBC (128-bit)
Tunnel Settings
- Enter Tunnel Network : This is the virtual network that is used for the communications between server and client.
- Check 'Redirect Gateway' if you want to redirect the entire traffic from the client through the tunnel
- Local Network : Specify the network to which the VPN is to be connected. By default it is the network connected to the LAN interface.
- Concurrent Connections : Enter the Number of Concurrent Connections that can be made to the server
- Compression : Check 'Compress tunnel packets using the LZO algorithm.'
- Check Inter-client communication : If communication among clients connected to the Server is needed
- Check Duplicate Connections : If clients need to connect from multiple locations using the same Common Name
Client Settings
- Check Dynamic IP - To allow connected clients to retain their connections if their IP address changes.
- Click Save
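
After saving, the chosen options can be reviewed as a whole. The script below is an added example, not part of the original article or the product: it audits an OpenVPN-style server configuration for the settings selected above (DH length, TLS packet authentication, LZO compression, Duplicate Connections, Inter-client communication). It assumes the appliance's SSL VPN server is OpenVPN-compatible and that its server configuration can be exported as text; the sample configuration, file names and tunnel network are constructed.

```python
import re

# Constructed sample: OpenVPN-style server config mirroring the Remote Access
# settings on this page (file names and the tunnel network are made up).
SAMPLE_CONF = """\
dev tun
proto udp
port 1194
dh dh1024.pem
cipher AES-128-CBC
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
max-clients 10
comp-lzo
client-to-client
duplicate-cn
float
"""

def parse(conf):
    """Return {directive: [argument strings]}, skipping comments and blanks."""
    opts = {}
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            name, _, args = line.partition(" ")
            opts.setdefault(name, []).append(args.strip())
    return opts

def audit(conf):
    """Return (directive, finding) pairs that deserve a second look."""
    o, out = parse(conf), []
    # Assumption: the DH size is taken from digits in the file name.
    m = re.search(r"\d{3,5}", o.get("dh", [""])[0])
    if m and int(m.group()) < 2048:
        out.append(("dh", f"{m.group()}-bit DH parameters; prefer 2048 or more"))
    if not {"tls-auth", "tls-crypt"} & o.keys():
        out.append(("tls-auth", "TLS packet authentication is not enabled"))
    if "comp-lzo" in o or "compress" in o:
        out.append(("comp-lzo", "compression can leak plaintext via packet length"))
    if "duplicate-cn" in o:
        out.append(("duplicate-cn", "one certificate may hold several sessions"))
    if "client-to-client" in o:
        out.append(("client-to-client", "VPN clients can reach each other"))
    return out

if __name__ == "__main__":
    for directive, finding in audit(SAMPLE_CONF):
        print(f"{directive:18}{finding}")
```

Each finding is a prompt for review, not a verdict: Inter-client communication and Duplicate Connections are legitimate when the deployment needs them.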