TP-Link OC200 Omada Controller Software 4.1.5Windows/Linux User Guide - Page 136
to load the following Configuring the gateway as a VPN server using OpenVPN
View all TP-Link OC200 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 136 highlights
Chapter 4 Configure the Network with Omada SDN Controller Proposal PFS SA Lifetime Specify the proposal for IKE negotiation phase-2. An IPsec proposal lists the encryption algorithm, authentication algorithm and protocol to be negotiated with the remote IPsec peer. Note that both peer gateways must be configured to use the same Proposal. Select the DH group to enable PFS (Perfect Forward Security) for IKE mode, then the key generated in phase-2 will be irrelevant with the key in phase-1, which enhance the network security. With None selected, it means PFS is disabled and the key in phase-2 will be generated based on the key in phase-1. Specify IPsec SA (Security Association) Lifetime in IKE negotiation. If the SA lifetime expired, the related IPsec SA will be deleted. • Configuring the gateway as a VPN server using OpenVPN 1. Go to Settings > VPN. Click to load the following page. 2. Enter a name to identify the VPN policy and select the purpose as Client-to-Site VPN. Refer to the following table to configure the required parameters and click Create. Name Enter a name to identify the VPN policy. Purpose Select the purpose for the VPN as Client-to-Site VPN. VPN Type Select the VPN type as VPN Server - OpenVPN. Status Click the checkbox to enable the VPN policy. Protocol Select the communication protocol for the gateway which works as an OpenVPN Server. Two communication protocols are available: TCP and UDP. Service Port Enter a VPN service port to which a VPN device connects. 134