Line 146: |
Line 146: |
| <tr> | | <tr> |
| <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>: TLS cipher</td> | | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>: TLS cipher</td> |
− | <td>All {{!}} <span style="color: lime;">DHE+RSA</span> {{!}} <span style="color: lime;">Custom</span>; default: <b>All</b></td> | + | <td>All {{!}} <span style="color: pink;">DHE+RSA</span> {{!}} <span style="color: pink;">Custom</span>; default: <b>All</b></td> |
| <td>Packet encryption algorithm cipher.</td> | | <td>Packet encryption algorithm cipher.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>:<span style="color: lime;"> Allowed TLS ciphers</span></td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>:<span style="color: pink;"> Allowed TLS ciphers</span></td> |
| <td>Custom {{!}} TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-SEED-CBC-SHA {{!}} TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-DES-CBC-SHA; default: <b>All</b></td> | | <td>Custom {{!}} TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-SEED-CBC-SHA {{!}} TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-DES-CBC-SHA; default: <b>All</b></td> |
| <td>Specific cyphers to use. Only 6 can be selected at a time.</td> | | <td>Specific cyphers to use. Only 6 can be selected at a time.</td> |
Line 288: |
Line 288: |
| To begin configuration, click the button that looks like a pencil next to the server instance. Refer to the figure and table below for information on the OpenVPN server's configuration fields: | | To begin configuration, click the button that looks like a pencil next to the server instance. Refer to the figure and table below for information on the OpenVPN server's configuration fields: |
| | | |
− | [[File:Networking_rutx_vpn_openvpn_server_configuration_v3.png|border|class=tlt-border]] | + | [[File:Networking_rutx_vpn_openvpn_server_configuration_v4.png|border|class=tlt-border]] |
| | | |
| <table class="nd-mantable"> | | <table class="nd-mantable"> |
Line 375: |
Line 375: |
| <tr> | | <tr> |
| <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>: TLS cipher</td> | | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>: TLS cipher</td> |
− | <td>All {{!}} <span style="color: lime;">DHE+RSA</span> {{!}} <span style="color: lime;">Custom</span>; default: <b>All</b></td> | + | <td>All {{!}} <span style="color: pink;">DHE+RSA</span> {{!}} <span style="color: pink;">Custom</span>; default: <b>All</b></td> |
| <td>Packet encryption algorithm cipher.</td> | | <td>Packet encryption algorithm cipher.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>:<span style="color: lime;"> Allowed TLS ciphers</span></td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>:<span style="color: pink;"> Allowed TLS ciphers</span></td> |
| <td>Custom {{!}} TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-SEED-CBC-SHA {{!}} TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-DES-CBC-SHA; default: <b>All</b></td> | | <td>Custom {{!}} TLS-DHE-RSA-WITH-AES-256-GCM-SHA384 {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-256-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA {{!}} TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-GCM-SHA256 {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-AES-128-CBC-SHA256 {{!}} TLS-DHE-RSA-WITH-SEED-CBC-SHA {{!}} TLS-DHE-RSA-WITH-CAMELLIA-128-CBC-SHA {{!}} TLS-DHE-RSA-WITH-DES-CBC-SHA; default: <b>All</b></td> |
| <td>Specific cyphers to use. Only 6 can be selected at a time.</td> | | <td>Specific cyphers to use. Only 6 can be selected at a time.</td> |
Line 429: |
Line 429: |
| </tr> | | </tr> |
| <tr> | | <tr> |
− | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>/<span style="color: #0054a6;">Password</span>: <span style="color: #20C0D7;"><b>Virtual network IPv6 address</b></span></td> | + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>/<span style="color: #0054a6;">Password</span>: Assign IP start</td> |
| + | <td>IP; default: <b>none</b></td> |
| + | <td>Assign IP addresses starting from a pool of subnets to be dynamically allocated to connecting clients.</td> |
| + | </tr> |
| + | <tr> |
| + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>/<span style="color: #0054a6;">Password</span>: Assign IP end</td> |
| + | <td>IP; default: <b>none</b></td> |
| + | <td>Assign IP addresses ending at a pool of subnets to be dynamically allocated to connecting clients.</td> |
| + | </tr> |
| + | <tr> |
| + | <td><span style="color: red;">TLS</span>/<span style="color: olive;">TLS/Password</span>/<span style="color: #0054a6;">Password</span>: <span style="color: green;"><b>Virtual network IPv6 address</b></span></td> |
| <td>ip6; default: <b>none</b></td> | | <td>ip6; default: <b>none</b></td> |
| <td>IPv6 address of the OpenVPN network. This field becomes visible when protocol is set to UDP6 or TCP6</td> | | <td>IPv6 address of the OpenVPN network. This field becomes visible when protocol is set to UDP6 or TCP6</td> |
Line 485: |
Line 495: |
| <ul> | | <ul> |
| <li>Red for <span style="color: red;">Authentication: TLS</span></li> | | <li>Red for <span style="color: red;">Authentication: TLS</span></li> |
− | <li>Olive for <span style="olive: red;">Authentication: TLS/Passwords</span></li> | + | <li>Olive for <span style="color: olive;">Authentication: TLS/Passwords</span></li> |
| <li>Purple for <span style="color: purple;">Authentication: Static key</span></li> | | <li>Purple for <span style="color: purple;">Authentication: Static key</span></li> |
| <li>Blue for <span style="color: #0054a6;">Authentication: Password</span></li> | | <li>Blue for <span style="color: #0054a6;">Authentication: Password</span></li> |