3.2.5 VPN

The VPN tab provides parameters for the creation of a selected VPN (Virtual Private Network) connection.

Enable OpenVPN – allow this function to create a third direction into the Internet (via OpenVPN) for data routing (with the IP address from the VPN range).
Server IP – IP address for VPN connection.
Server port – port number for VPN connection.
Protocol – select UDP or TCP (depending on the VPN server setting).
Device – select TUN or TAP (depending on the VPN server setting).
Cipher – select the type of data encoding (depending on the VPN server setting).
Compression – set LZ0 or LZ4.
Authentication – select authentication based on:
1. login
2. certificate
3. login and certificate
4. certificate and TLS
5. login, certificate and TLS
Username – user name for authentication.
Password – access password for authentication.
Algorithm – select an algorithm.
Certificate password – access password for certificate-based authentication.
Enter routes manually – select manual route selection.
IPv4 route address 1 – enter the route 1 IP address.
IPv4 route mask 1 – enter the route 2 mask.
IPv4 route address 2 – enter the route 2 IP address.
IPv4 route mask 2 – enter the route 2 mask.
IPv6 route address 1 – enter the route 1 IPv6 address.
IPv6 route prefix length 1 – set the prefix length of IPv6 device routes.
IPv6 route address 2 – enter the route 2 IPv6 address.
IPv6 route prefix length 2 – set the prefix length of IPv6 device routes.
Log level – select the log level between 1 – 4.

The sets of certificates and keys are the required files for VPN connection.

ca.crt – server certificate (obtained from the VPN server administrator).
client.crt – device certificate (generated for each 2N^® LiftGate device).
client.key – private device key (generated for each 2N^® LiftGate device).
ta.key – tls-authority key (obtained from the VPN server administrator).
SELECT FILE – for permanent storing of certificates in the device memory.
UPLOAD – upload selected files, certificates and keys to the device.