Session
Menu path: Setup > Network > VPN > OpenVPN > [OpenVPN Connection] > Session
- OpenVPN Server(s): Name or public IP address of the OpenVPN server
- Authentication type
- TLS certificates: Authentication with user certificate and private key
- Name/password: Authentication with user name and password
- Name/password with TLS-certificates: Combines name/password with user certificate.
- Static key: Authentication with a private key. No PKI infrastructure is needed for this.
TLS Certificates Authentication Type
Persistent storage of files is possible in the folder /wfs
resp. subfolders of /wfs
only.
Files stored under other paths will be lost when the thin client is rebooted.
- Client certificate file: File with the client certificate. Enter a path relative to
/wfs/OpenVPN
or select using the file selection. - CA certificate file: File with the CA certificate. Enter a path relative to
/wfs/OpenVPN
or select using the file selection. - Private key file: File with the private key. Enter a path relative to
/wfs/OpenVPN
or select using the file selection. Private key password: Password in case one is set for the private key
If you have a PKCS#12 file which contains the client certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.For details of how to distribute certificates and keys securely to thin clients, see the Securely Distributing Keys and Certificates How-To.
Name/Password Authentication Type
- Username: User name - if you leave this field empty, the user will be asked for it when establishing a connection.
- Password required
☑ The user must enter a password. (default)
- Password: Password - if you leave this field empty, the user will be asked for it when establishing a connection.
- CA certificate file: File with the CA certificate. Enter a path relative to
/wfs/OpenVPN
or select using the file selection.
Name/Password with TLS-Certificates Authentication Type
- Username: User name - if you leave this field empty, the user will be asked for it when establishing a connection.
- Password required
☑ The user must enter a password. (default)
- Password: Password - if you leave this field empty, the user will be asked for it when establishing a connection.
- CA certificate file: File with the CA certificate. Enter a path relative to
/wfs/OpenVPN
or select using the file selection. - Clientcertificate file: File with the user certificate. Enter a path relative to
/wfs/OpenVPN
or select using the file selection. - CA certificate file: File with the CA certificate. Enter a path relative to
/wfs/OpenVPN
or select using the file selection. - Private key file: File with the private key. Enter a path relative to
/wfs/OpenVPN
or select using the file selection. Private key password: Password in case one is set for the private key
If you have a PKCS#12 file which contains the user certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.For details of how to distribute certificates and keys securely to thin clients, see the Securely Distributing Keys and Certificates how-to.
Static Key Authentication Type
- Private key file: File with the static key. Enter a path relative to
/wfs/OpenVPN
or select using the file selection. - Key direction:
- None: No key direction
- 0: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.
- 1: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.
- Remote IP address: The VPN IP address of the server
- Local IP address: The VPN IP address of the client