Black Box Value-Line and Advanced Console Servers Manual

A SERVICE OF

next previous

5 = helps with debugging connection problems

9 = extremely verbose, excellent for troubleshooting

dev tun

dev tap

Select ‘dev tun’ to create a routed IP tunnel or ‘dev tap’ to create an

Ethernet tunnel. The client and server must use the same settings.

remote <host>

The hostname/IP of OpenVPN server when operating as a client. Enter

either the DNS hostname or the static IP address of the server.

Port

The UDP/TCP port of the server.

Keepalive

Keepalive uses ping to keep the OpenVPN session alive. 'Keepalive 10

120' pings every 10 seconds and assumes the remote peer is down if no

ping has been received over a 120 second time period.

http-proxy <proxy

server> <proxy port #>

If a proxy is required to access the server, enter the proxy server DNS

name or IP and port number.

ca <file name>

Enter the CA certificate file name and location.

The same CA certificate file can be used by the server and all clients.

Note: Ensure each ‘\’ in the directory path is replaced with ‘ \\’. For

example, c:\openvpnkeys\ca.crt will become c:\\openvpnkeys\\ca.crt

cert <file name>

Enter the client’s or servers’s certificate file name and location.

Each client should have its own certificate and key files.

Note: Ensure each ‘\’ in the directory path is replaced with ‘ \\’.

key <file name>

Enter the file name and location of the client’s or server’s key.

Each client should have its own certificate and key files.

Note: Ensure each ‘\’ in the directory path is replaced with ‘ \\’.

dh <file name>

This is used by the server only.

Enter the path to the key with the Diffie-Hellman parameters.

Nobind

‘Nobind’ is used when clients do not need to bind to a local address or

specific local port number. This is the case in most client configurations.

persist-key

This option prevents the reloading of keys across restarts.

persist-tun

This option prevents the close and reopen of TUN/TAP devices across

restarts.

cipher BF-CBC Blowfish

(default)

cipher AES-128-CBC

AES

cipher DES-EDE3-CBC

Triple-DES

Select a cryptographic cipher. The client and server must use the same

settings.

comp-lzo

Enable compression on the OpenVPN link. This must be enabled on both

the client and the server.

syslog

By default, logs are located in syslog or, if running as a service on

Window, in \Program Files\OpenVPN\log directory.

To initiate the OpenVPN tunnel following the creation of the client/server configuration files:

 Right click on the OpenVPN icon in the Notification Area

 Select the newly created client or server configuration. For example, LES1216_client

 Click ‘Connect’ as shown below

_____________________________________________________________________

724-746-5500 | blackbox.com Page 75