Breadcrumbs

Session

Menu path: Setup > Network > VPN > OpenVPN > [OpenVPN Connection] > Session

  • OpenVPN Server(s): Name or public IP address of the OpenVPN server

  • Authentication type

    • TLS certificates: Authentication with user certificate and private key

    • Name/password: Authentication with user name and password

    • Name/password with TLS-certificates: Combines name/password with user certificate.

    • Static key: Authentication with a private key. No PKI infrastructure is needed for this.

TLS Certificates Authentication Type

Persistent storage of files is possible in the folder /wfs resp. subfolders of /wfs only.
Files stored under other paths will be lost when the thin client is rebooted.

  • Client certificate file: File with the client certificate. Enter a path relative to /wfs/OpenVPN or select using the file selection.

  • CA certificate file: File with the CA certificate. Enter a path relative to /wfs/OpenVPN or select using the file selection.

  • Private key file: File with the private key. Enter a path relative to /wfs/OpenVPN or select using the file selection.

  • Private key password: Password in case one is set for the private key

    If you have a PKCS#12 file which contains the client certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.


    For details of how to distribute certificates and keys securely to thin clients, see the Securely Distributing Keys and Certificates How-To.

Name/Password Authentication Type

  • Username: User name - if you leave this field empty, the user will be asked for it when establishing a connection.

  • Password required

    ☑ The user must enter a password. (default)

  • Password: Password - if you leave this field empty, the user will be asked for it when establishing a connection.

  • CA certificate file: File with the CA certificate. Enter a path relative to /wfs/OpenVPN or select using the file selection.

Name/Password with TLS-Certificates Authentication Type

  • Username: User name - if you leave this field empty, the user will be asked for it when establishing a connection.

  • Password required

    ☑ The user must enter a password. (default)

  • Password: Password - if you leave this field empty, the user will be asked for it when establishing a connection.

  • CA certificate file: File with the CA certificate. Enter a path relative to /wfs/OpenVPN or select using the file selection.

  • Clientcertificate file: File with the user certificate. Enter a path relative to /wfs/OpenVPN or select using the file selection.

  • CA certificate file: File with the CA certificate. Enter a path relative to /wfs/OpenVPN or select using the file selection.

  • Private key file: File with the private key. Enter a path relative to /wfs/OpenVPN or select using the file selection.

  • Private key password: Password in case one is set for the private key

    If you have a PKCS#12 file which contains the user certificate, CA certificate and private key, always enter its name in the three file fields. The advantage lies in the fact that only a single file needs to be distributed.


    For details of how to distribute certificates and keys securely to thin clients, see the Securely Distributing Keys and Certificates how-to.

Static Key Authentication Type

  • Private key file: File with the static key. Enter a path relative to /wfs/OpenVPN or select using the file selection.

  • Key direction:None: No key direction0: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.1: If the default option is not used, one side of the connection should use Direction 0 and the other Direction 1.

  • Remote IP address: The VPN IP address of the server

  • Local IP address: The VPN IP address of the client