92
edits
Changes
mLine 44:
Line 44: − + Line 55:
Line 55: − + − + − + − + − + Line 74:
Line 74: − + − + − + − + − + Line 93:
Line 93: − + + + + + + − Line 113:
Line 117: − +
Fixes
[[How to generate TLS certificates (Windows)?]]
[[How to generate TLS certificates (Windows)?]]
[[File:Certificate download v4.png|none|border|left|class=tlt-border]]
[[File:Certificate download v4.png|none|border|left|class=tlt-border|1100x1100px]]
For any OpenVPN clients, You will need to generate “Client” certificates, download certificate and key, and send them to the client
For any OpenVPN clients, You will need to generate “Client” certificates, download certificate and key, and send them to the client
[[File:OpenVPN server settings v3.png|none|border|left|class=tlt-border]]
[[File:OpenVPN server settings v3.png|none|border|left|class=tlt-border]]
1) <b>Client to client</b> – disabled
1 - <b>Client to client</b> – disabled
2) <b>Virtual network IP address</b> – 10.0.0.0
2 - <b>Virtual network IP address</b> – 10.0.0.0
3) <b>Virtual network netmask</b> – 255.255.255.224
3 - <b>Virtual network netmask</b> – 255.255.255.224
4) <b>Certificate files from device</b> - on
4 - <b>Certificate files from device</b> - on
Press '''"Save & Apply"''', enable OpenVPN server and check if the server is online.
Press '''"Save & Apply"''', enable OpenVPN server and check if the server is online.
[[File:OpenVPN server is online v3.png|none|border|left|class=tlt-border]]
[[File:OpenVPN server is online v3.png|none|border|left|class=tlt-border|1100x1100px]]
=Connecting clients to the OpenVPN server=
=Connecting clients to the OpenVPN server=
[[File:OpenVPN Client1 v3.png|none|border|center|class=tlt-border]]
[[File:OpenVPN Client1 v3.png|none|border|center|class=tlt-border]]
   1) '''Remote host/IP address''' - Public IP of the OpenVPN server's router
   1 - '''Remote host/IP address''' - Public IP of the OpenVPN server's router
   2) '''Remote network IP address''' - 10.0.0.0
   2 - '''Remote network IP address''' - 10.0.0.0
   3) '''Remote network netmask''' - 255.255.255.224
   3 - '''Remote network netmask''' - 255.255.255.224
   4) '''Add the certificates from the OpenVPN server''' - Certificate Authority, Client certificate, and Client key which we downloaded in the Certificate Generation step.
   4 - '''Add the certificates from the OpenVPN server''' - Certificate Authority, Client certificate, and Client key which we downloaded in the Certificate Generation step.
  4. Press "'''Save & Apply'''", enable OpenVPN client and check if the connection is made
  4. Press "'''Save & Apply'''", enable OpenVPN client and check if the connection is made
[[File:OpenVPN Client1 connected v2.png|none|border|left|class=tlt-border]]
[[File:OpenVPN Client1 connected v2.png|none|border|left|class=tlt-border|1100x1100px]]
Repeat this step for as many clients as You need. For this example, we will have 3 clients
Repeat this step for as many clients as You need. For this example, we will have 3 clients
  On the OpenVPN server router, navigate to '''Services -> VPN -> OpenVPN''', Press "'''Edit'''" on the server, scroll down and add TLS clients and add clients which LAN address You want to have access to, in our case, we add all 3 clients
  On the OpenVPN server router, navigate to '''Services -> VPN -> OpenVPN''', Press "'''Edit'''" on the server, scroll down and add TLS clients and add clients which LAN address You want to have access to, in our case, we add all 3 clients
===TLS Client 1===
----
[[File:TLS Client1 v3.png|none|border|left|class=tlt-border]]
[[File:TLS Client1 v3.png|none|border|left|class=tlt-border]]
===TLS Client 2===
----
[[File:TLS Client2 v3.png|none|border|left|class=tlt-border]]
[[File:TLS Client2 v3.png|none|border|left|class=tlt-border]]
===TLS Client 3===
----
[[File:TLS Client3 v3.png|none|border|left|class=tlt-border]]
[[File:TLS Client3 v3.png|none|border|left|class=tlt-border]]
<ul>
<ul>
  Navigate to '''Network -> Firewall -> General settings -> Zones''' and set OpenVPN zone to forward traffic to LAN
  Navigate to '''Network -> Firewall -> General settings -> Zones''' and set OpenVPN zone to forward traffic to LAN
[[File:OpenVPN to LAN zone forward.png|none|border|left|class=tlt-border]]
[[File:OpenVPN to LAN zone forward v2.png|none|border|left|class=tlt-border|1100x1100px]]