Line 29: |
Line 29: |
| <tr> | | <tr> |
| <td>Enable</td> | | <td>Enable</td> |
− | <td>yes {{!}} no; Default: '''no'''</td> | + | <td>yes | no; Default: '''no'''</td> |
| <td>Enables the OpenVPN instance</td> | | <td>Enables the OpenVPN instance</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>TUN/TAP</td> | | <td>TUN/TAP</td> |
− | <td>TUN (tunnel) {{!}} TAP (bridged); Default: '''TUN (tunnel)'''</td> | + | <td>TUN (tunnel) | TAP (bridged); Default: '''TUN (tunnel)'''</td> |
| <td>OpenVPN interface type. '''TUN''' is most often in typical VPN connections, however, '''TAP''' is required in some Ethernet bridging configurations</td> | | <td>OpenVPN interface type. '''TUN''' is most often in typical VPN connections, however, '''TAP''' is required in some Ethernet bridging configurations</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>Protocol</td> | | <td>Protocol</td> |
− | <td>UDP {{!}} TCP; Default: '''UDP'''</td> | + | <td>UDP | TCP; Default: '''UDP'''</td> |
| <td>The transfer protocol used by the OpenVPN connection. '''TCP''' is connection oriented – once a connection is established, data can be sent bidirectionally. '''UDP''' is a simpler, connectionless Internet protocol. '''UDP''' is usually faster but '''TCP''' has more security features. Choose the connection protocol according to your needs.</td> | | <td>The transfer protocol used by the OpenVPN connection. '''TCP''' is connection oriented – once a connection is established, data can be sent bidirectionally. '''UDP''' is a simpler, connectionless Internet protocol. '''UDP''' is usually faster but '''TCP''' has more security features. Choose the connection protocol according to your needs.</td> |
| </tr> | | </tr> |
Line 49: |
Line 49: |
| <tr> | | <tr> |
| <td>LZO</td> | | <td>LZO</td> |
− | <td>yes {{!}} no; Default: '''no'''</td> | + | <td>yes | no; Default: '''no'''</td> |
| <td>With LZO compression, your VPN connection will generate less network traffic. However, enabling this causes a higher CPU load. Use it carefully with a high traffic rate or low CPU resources</td> | | <td>With LZO compression, your VPN connection will generate less network traffic. However, enabling this causes a higher CPU load. Use it carefully with a high traffic rate or low CPU resources</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>Encryption</td> | | <td>Encryption</td> |
− | <td>DES-CBC 64 {{!}} RC2-CBC 128 {{!}} DES-EDE-CBC 128 {{!}} DES-EDE3-CBC 192 {{!}} DESX-CBC 192 {{!}} BF-CBC 128 {{!}} RC2-40-CBC 40 {{!}} CAST5-CBC 128 {{!}} RC2-40CBC 40 {{!}} CAST5-CBC 128 {{!}} RC2-64-CBC 64{{!}} AES-128-CBC 128 {{!}} AES-192-CBC 192 {{!}} AES-256-CBC 256 {{!}} none; Default: '''BF-CBC 128'''</td> | + | <td>DES-CBC 64 | RC2-CBC 128 | DES-EDE-CBC 128 | DES-EDE3-CBC 192 | DESX-CBC 192 | BF-CBC 128 | RC2-40-CBC 40 | CAST5-CBC 128 | RC2-40CBC 40 | CAST5-CBC 128 | RC2-64-CBC 64| AES-128-CBC 128 | AES-192-CBC 192 | AES-256-CBC 256 | none; Default: '''BF-CBC 128'''</td> |
| <td>Packet encryption algorithm</td> | | <td>Packet encryption algorithm</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>Authentication</td> | | <td>Authentication</td> |
− | <td>TLS {{!}} Static Key {{!}} Password {{!}} TLS/Password; Default: '''TLS'''</td> | + | <td>TLS | Static Key | Password | TLS/Password; Default: '''TLS'''</td> |
| <td>Authentication mode, used to secure data sessions. | | <td>Authentication mode, used to secure data sessions. |
| '''Static key''' is a secret key used for server–client authentication. | | '''Static key''' is a secret key used for server–client authentication. |
Line 75: |
Line 75: |
| <tr> | | <tr> |
| <td>TLS cipher</td> | | <td>TLS cipher</td> |
− | <td>all {{!}} DHE+RSA {{!}} custom; Default: '''all'''</td> | + | <td>all | DHE+RSA | custom; Default: '''all'''</td> |
| <td>Packet encryption algorithm cipher</td> | | <td>Packet encryption algorithm cipher</td> |
| </tr> | | </tr> |
Line 85: |
Line 85: |
| <tr> | | <tr> |
| <td>Resolve retry</td> | | <td>Resolve retry</td> |
− | <td>integer {{!}} infinite; Default: '''infinite'''</td> | + | <td>integer | infinite; Default: '''infinite'''</td> |
| <td>Time in seconds to resolve server hostname periodically in case of first resolve failure before generating service exception</td> | | <td>Time in seconds to resolve server hostname periodically in case of first resolve failure before generating service exception</td> |
| </tr> | | </tr> |
Line 120: |
Line 120: |
| <tr> | | <tr> |
| <td>HMAC authentication algorithm</td> | | <td>HMAC authentication algorithm</td> |
− | <td>none {{!}} SHA1 {{!}} SHA256 {{!}} SHA384 {{!}} SHA512; Default: '''SHA1'''</td> | + | <td>none | SHA1 | SHA256 | SHA384 | SHA512; Default: '''SHA1'''</td> |
| <td>HMAC authentication algorithm type</td> | | <td>HMAC authentication algorithm type</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>Additional HMAC authentication</td> | | <td>Additional HMAC authentication</td> |
− | <td>yes {{!}} no; Default: '''no'''</td> | + | <td>yes | no; Default: '''no'''</td> |
| <td>An additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks</td> | | <td>An additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks</td> |
| </tr> | | </tr> |
Line 168: |
Line 168: |
| <tr> | | <tr> |
| <td>Enable</td> | | <td>Enable</td> |
− | <td>yes {{!}} no; Default: '''no'''</td> | + | <td>yes | no; Default: '''no'''</td> |
| <td>Enables the OpenVPN instance</td> | | <td>Enables the OpenVPN instance</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>TUN/TAP</td> | | <td>TUN/TAP</td> |
− | <td>TUN (tunnel) {{!}} TAP (bridged); Default: '''TUN (tunnel)'''</td> | + | <td>TUN (tunnel) | TAP (bridged); Default: '''TUN (tunnel)'''</td> |
| <td>OpenVPN interface type. '''TUN''' is most often in typical VPN connections, however, '''TAP''' is required in some Ethernet bridging configurations</td> | | <td>OpenVPN interface type. '''TUN''' is most often in typical VPN connections, however, '''TAP''' is required in some Ethernet bridging configurations</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>Protocol</td> | | <td>Protocol</td> |
− | <td>UDP {{!}} TCP; Default: '''UDP'''</td> | + | <td>UDP | TCP; Default: '''UDP'''</td> |
| <td>The transfer protocol used by the OpenVPN connection. '''TCP''' is connection oriented – once a connection is established, data can be sent bidirectionally. '''UDP''' is a simpler, connectionless Internet protocol. '''UDP''' is usually faster but '''TCP''' has more security features. Choose the connection protocol according to your needs.</td> | | <td>The transfer protocol used by the OpenVPN connection. '''TCP''' is connection oriented – once a connection is established, data can be sent bidirectionally. '''UDP''' is a simpler, connectionless Internet protocol. '''UDP''' is usually faster but '''TCP''' has more security features. Choose the connection protocol according to your needs.</td> |
| </tr> | | </tr> |
Line 188: |
Line 188: |
| <tr> | | <tr> |
| <td>LZO</td> | | <td>LZO</td> |
− | <td>yes {{!}} no; Default: '''no'''</td> | + | <td>yes | no; Default: '''no'''</td> |
| <td>With LZO compression, your VPN connection will generate less network traffic. However, enabling this causes a higher CPU load. Use it carefully with a high traffic rate or low CPU resources</td> | | <td>With LZO compression, your VPN connection will generate less network traffic. However, enabling this causes a higher CPU load. Use it carefully with a high traffic rate or low CPU resources</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>Encryption</td> | | <td>Encryption</td> |
− | <td>DES-CBC 64 {{!}} RC2-CBC 128 {{!}} DES-EDE-CBC 128 {{!}} DES-EDE3-CBC 192 {{!}} DESX-CBC 192 {{!}} BF-CBC 128 {{!}} RC2-40-CBC 40 {{!}} CAST5-CBC 128 {{!}} RC2-40CBC 40 {{!}} CAST5-CBC 128 {{!}} RC2-64-CBC 64{{!}} AES-128-CBC 128 {{!}} AES-192-CBC 192 {{!}} AES-256-CBC 256 {{!}} none; Default: '''BF-CBC 128'''</td> | + | <td>DES-CBC 64 | RC2-CBC 128 | DES-EDE-CBC 128 | DES-EDE3-CBC 192 | DESX-CBC 192 | BF-CBC 128 | RC2-40-CBC 40 | CAST5-CBC 128 | RC2-40CBC 40 | CAST5-CBC 128 | RC2-64-CBC 64| AES-128-CBC 128 | AES-192-CBC 192 | AES-256-CBC 256 | none; Default: '''BF-CBC 128'''</td> |
| <td>Packet encryption algorithm</td> | | <td>Packet encryption algorithm</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>Authentication</td> | | <td>Authentication</td> |
− | <td>TLS'''*''' {{!}} Static Key {{!}} Password {{!}} TLS/Password; Default: '''TLS'''</td> | + | <td>TLS'''*''' | Static Key | Password | TLS/Password; Default: '''TLS'''</td> |
| <td>Authentication mode, used to secure data sessions. | | <td>Authentication mode, used to secure data sessions. |
| '''Static key''' is a secret key used for server–client authentication. | | '''Static key''' is a secret key used for server–client authentication. |
Line 214: |
Line 214: |
| <tr> | | <tr> |
| <td>TLS cipher</td> | | <td>TLS cipher</td> |
− | <td>all {{!}} DHE+RSA {{!}} custom; Default: '''all'''</td> | + | <td>all | DHE+RSA | custom; Default: '''all'''</td> |
| <td>Packet encryption algorithm cipher</td> | | <td>Packet encryption algorithm cipher</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
| <td>Client to client</td> | | <td>Client to client</td> |
− | <td>yes {{!}} no; Default: '''no'''</td> | + | <td>yes | no; Default: '''no'''</td> |
| <td>Enables client to client communication in the Virtual network. In order for Client to client to work, the TLS Clients section most be utilized</td> | | <td>Enables client to client communication in the Virtual network. In order for Client to client to work, the TLS Clients section most be utilized</td> |
| </tr> | | </tr> |
Line 245: |
Line 245: |
| <tr> | | <tr> |
| <td>Allow duplicate certificates</td> | | <td>Allow duplicate certificates</td> |
− | <td>yes {{!}} no; Default: '''no'''</td> | + | <td>yes | no; Default: '''no'''</td> |
| <td>If checked, the server allows clients to connect with identical certificates</td> | | <td>If checked, the server allows clients to connect with identical certificates</td> |
| </tr> | | </tr> |
Line 320: |
Line 320: |
| </tr> | | </tr> |
| </table> | | </table> |
| + | |
| + | [[Category:RUT850 WebUI]] |