openvpnserver openvpn.inc An OpenVPN server has been deleted. An OpenVPN server has been created/modified. Server /pkg.php?xml=openvpn.xml Client /pkg.php?xml=openvpn_cli.xml Client-specific configuration /pkg.php?xml=openvpn_csc.xml disable Disabled checkbox protocol Protocol addresspool Address pool description Description disable Disable this tunnel This allows you to disable this tunnel without removing it from the list. checkbox protocol Protocol The protocol to be used for the VPN. select TCP TCP UDP UDP UDP dynamic_ip Dynamic IP Assume dynamic IPs, so that DHCP clients can connect. checkbox local_port Local port The port OpenVPN will listen on. You generally want 1194 here. input 1194 5 addresspool Address pool This is the address pool to be assigned to the clients. Expressed as a CIDR range (eg. 10.0.8.0/24). If the 'Use static IPs' field isn't set, clients will be assigned addresses from this pool. Otherwise, this will be used to set the local interface's IP. input nopool Use static IPs If this option is set, IPs won't be assigned to clients. Instead, the server will use static IPs on its side, and the clients are expected to use this same value in the 'Address pool' field. checkbox local_network Local network This is the network that will be accessable from the remote endpoint. Expressed as a CIDR range. You may leave this blank you don't want to add a route to your network through this tunnel in the remote machine. This is generally set to your LAN network. input remote_network Remote network This is a network that will be routed through the tunnel, so that a site-to-site VPN can be established without manually changing the routing tables. Expressed as a CIDR range. If this is a site-to-site VPN, enter here the remote LAN here. You may leave this blank if you don't want a site-to-site VPN. input client2client Client-to-client VPN If this option is set, clients will be able to talk to each other. Otherwise, they will only be able to talk to the server. checkbox crypto Cryptography Here you can choose the cryptography algorithm to be used. select BF-CBC auth_method Authentication method The authentication method to be used. select shared_key Shared key pki PKI (Public Key Infrastructure) onAuthMethodChanged() shared_key Shared key Paste your shared key here. textarea base64 8 40 ca_cert CA certificate Paste your CA certificate in X.509 format here. textarea base64 8 40 server_cert Server certificate Paste your server certificate in X.509 format here. textarea base64 8 40 server_key Server key Paste your server key in RSA format here. textarea base64 8 40 dh_params DH parameters Paste your Diffie Hellman parameters in PEM format here. textarea base64 8 40 crl CRL Paste your certificate revocation list (CRL) in PEM format here (optional). textarea base64 8 40 tls TLS Paste your HMAC signature (TLS) here (optional). textarea base64 8 40 dhcp_domainname DHCP-Opt.: DNS-Domainname Set connection-specific DNS Suffix. input dhcp_dns DHCP-Opt.: DNS-Server Set domain name server addresses, separated by semi-colons (;). input dhcp_wins DHCP-Opt.: WINS-Server Set WINS server addresses (NetBIOS over TCP/IP Name Server), separated by semi-colons (;). input dhcp_nbdd DHCP-Opt.: NBDD-Server Set NBDD server addresses (NetBIOS over TCP/IP Datagram Distribution Server), separated by semi-colons (;). input dhcp_ntp DHCP-Opt.: NTP-Server Set NTP server addresses (Network Time Protocol), separated by semi-colons (;). input dhcp_nbttype DHCP-Opt.: NetBIOS node type Set NetBIOS over TCP/IP Node type. Possible options: b-node (broadcasts), p-node (point-to-point name queries to a WINS server), m-node (broadcast then query name server), and h-node (query name server, then broadcast). select 0 none 1 b-node 2 p-node 4 m-node 8 h-node 0 dhcp_nbtscope DHCP-Opt.: NetBIOS Scope Set NetBIOS over TCP/IP Scope. A NetBIOS Scope ID provides an extended naming service for NetBIOS over TCP/IP. The NetBIOS scope ID isolates NetBIOS traffic on a single network to only those nodes with the same NetBIOS scope ID. input dhcp_nbtdisable DHCP-Opt.: Disable NetBIOS If this option is set, Netbios-over-TCP/IP will be disabled. checkbox use_lzo LZO compression Checking this will compress the packets using the LZO algorithm before sending them. checkbox maxclients Maximum clients The maximum number of concurrently connected clients we want to allow. input passtos Pass Type-Of-Service Checking this will set the TOS field of the tunnel packet to what the payload's TOS is. checkbox gwredir Redirect Gateway Redirect ALL traffic through the OpenVPN server. checkbox custom_options Custom options You can put your own custom options here, separated by semi-colons (;). They'll be added to the server configuration. textarea 65 5 description Description You may enter a description here. This is optional and is not parsed. input openvpn_get_ciphers(&$pkg); openvpn_print_javascript('server'); openvpn_print_javascript2(); openvpn_validate_input('server', $_POST, &$input_errors); openvpn_resync('server', $id);