Gennet-OxyGEN RFA1400.Wv2 Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Gennet-OxyGEN

RFA1400.Wv2

Page 201 / 237 Scroll up to view Page 196 - 200

OxyGEN

mini

Office

Administrator’s Guide

Server Mode

When OxyGEN miniOffice is configured to run in Server mode, the configuration page presented in

Figure 11.5 appears. When using a Routed type of tunnel, to configure your device, you must specify

the

Network

and

Netmask

values for the subnet used as an IP address pool for the connected clients.

Each remote client that connects to the OxyGEN SSL-VPN server will automatically acquire an IP address

from this pool. If, on the other hand, you have selected a Bridged type of tunnel, no IP addressing info

is required and you must only select which LAN Service is going to be bridged over the SSL VPN tunnel.

The DHCP server of the selected Service is also going to be used for providing IP addressing information

to any requests received over the tunnel. Once you have entered the correct values, click

Apply

order to activate your settings.

The final step in order to finish setting up the SSL-VPN server, is to define remote users and generate

the corresponding certificates. To this end click the

Manage

key under the

Users

heading. The screen

presented in Figure 11.6 appears. The table at the top of the page, displays a list of the configured users.

You can Revoke configured users by clicking on the corresponding

icon of

Action

column.

In order to add a new remote user, enter the username under the

Add New User

heading and click

the

Save

key. The new user is added and a message window opens prompting you to save a zip file.

This zip file contains the certificates corresponding to the added user. Save the file and give it using a

secure method (e.g. not via e-mail) to the new remote user. The zip file contains all information needed

in order to connect to the SSL-VPN server running on your OxyGEN miniOffice.

Note

There is no way of re-generating the certificates corresponding to a configured SSL VPN

username. In case you want to do so, the only option is to revoke the username and

then add it again.

Client Mode

When OxyGEN miniOffice is configured to run in Client mode, the following fields appear in the SSL-VPN

web configuration page presented in Figure 11.4. The first task is to specify the hostname or IP address

of the SSL-VPN server in the

Host/IP

field. When using a Routed type of tunnel, it is also possible to select

NAT

(Network Address Translation) is going to be used over the tunnel.

This way, once the server

assigns an IP address to the client, all devices in the LAN behind the client OxyGEN miniOffice are going

to appear to the server as if they have the client’s tunnel IP address. If, on the other hand, you have

selected a Bridged type of tunnel, you must only select which LAN Service is going to be bridged over

the SSL VPN tunnel. Once you have entered the correct values, click

Apply

in order to activate your

settings.

In order to finish with the secure connection to the SSL-VPN server, you will also need to install the

corresponding certificate files. These certificates must be provided to you by the administrator of the

SSL-VPN server. In the case of an OxyGEN miniOffice acting as the server, this is the zip file that was

Gennet s.a.

201

Page 202 / 237

OxyGEN

mini

Office

Administrator’s Guide

saved once the username was added to the users database. The zip file containing all the appropriate

certificate files can be uploaded using the

Browse

key and finally by clicking the

Upload

key.

How to Connect from a PC

In order to connect from a PC to an OxyGEN miniOffice configured to run in Server mode, you will need

to install the

OpenVPN client

. To download OpenVPN, go to

http://openvpn.net/download.html

For Microsoft Windows 2000 or later versions, a self-installing exe file can be downloaded. It is highly

recommended that you install OpenVPN version 2.1 or later, since it includes a GUI that significantly

simplifies the OpenVPN operation.

After running the Windows installer, OpenVPN is ready to use. The last thing remaining before being

able to connect to the OxyGEN server is to install the corresponding certificate files. To this end, you

must unzip the zip file that was generated by the server upon the user creation. The correct path for

an installation including the OpenVPN GUI is usually under

Program Files/OpenVPN/config/

Place all files contained in the zip archive into this directory.

The file

connect.ovpn

is the main

configuration file containing all the OpenVPN connection parameters.

If your OxyGEN server is using the

Dynamic DNS

service in order to update its dynamic IP address,

you are ready to connect since the connect.ovpn file already contains the corresponding hostname of

the server. Otherwise, you must manually configure the connect.ovpn file and modify accordingly the

line starting with the keyword

remote

. The syntax of the command is

remote server port

where

server

is the hostname or IP of the OpenVPN server and

port

is equal to 1194.

Once the connect.ovpn file contains the correct hostname or IP of the OpenVPN server, you are

ready to connect. You can connect directly from the connect.ovpn file by right-clicking and selecting

Start OpenVPN

on this configuration file. Once running, you can use the

key to exit. Alternatively,

if you have installed the GUI, start it. The

icon appears on the taskbar. Right-click on it and select

Connect

in order to start the SSL-VPN connection towards the OxyGEN server. Once connected, the red

screens on the GUI icon will turn into green and a notification will appear with the assigned IP address.

Please refer to

http://openvpn.net/

for more detailed information about OpenVPN installation and

configuration for Windows-based PCs but also for other operating systems.

WARNING

If you have configured IP static routes on your OxyGEN SSL-VPN server, these routes are

automatically going to be passed to every client upon successful connection.

Gennet s.a.

202

Page 203 / 237

OxyGEN

mini

Office

Administrator’s Guide

WARNING

You must use the same Type (Routed or Bridged) on both ends of the SSL VPN tunnel,

or otherwise the two devices will fail to connect.

Gennet s.a.

203

Page 204 / 237

OxyGEN

mini

Office

Administrator’s Guide

Gennet s.a.

204

Page 205 / 237

ISDN Interfaces

ISDN Cable Pinout

The OxyGEN miniOffice is optionally equipped with one or more ISDN interfaces (BRI or PRI). These ISDN

interfaces are programmable and can be configured to operate either in

External (TE)

Internal (NT)

mode (please refer to section

ISDN Interfaces

on page 114 for details). External mode must be selected

in order to connect the interface to an ISDN Network Termination Unit (NT) and the public ISDN network.

On the other hand, Internal mode must be selected in order to connect to an ISDN PBX replacing the

ISDN Network Termination Unit and the public ISDN network with the broadband VoIP network.

Although programmable, you will need a different type of cable for each mode of operation. The

default pinout of both BRI and PRI ISDN interfaces corresponds to NT mode operation. This means that,

when a port is configured to operate in Internal (NT) mode, a straight-through cable must be used for the

connection to the corresponding TE ISDN interface (see tables F.2 and F.4). On the other hand, when a

port is configured to operate in External (TE) mode, an ISDN crossover cable is required (see tables F.3

and F.5).

ISDN S-bus Termination

The BRI S-Interface is a 4-wire interface, with separate Transmit and Receive pairs. It can operate in four

modes:

205

Rate

Popular Gennet-OxyGEN Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share