Setting up OpenVPN in the IT monitoring system
Starting with firmware release “didactum-2.7.3_b805”, the IP-based IT monitoring systems offer an integrated OpenVPN client. Use the built-in OpenVPN client to access a virtual private network.
To access the VPN settings of the IT monitoring system, please go to the menu “System Settings” => “VPN Client” in the web interface.
| # | OpenVPN Setting | Description |
|---|---|---|
| 1 | Status | Displays the current OpenVPN connection status. The information can be updated using the “Refresh” function. |
| 2 | IP address | Displays the IP address assigned by the VPN network. |
| 3 | Connection Time | Displays the connection time to the VPN server. |
| 4 | Enable VPN Client | Enables or disables the VPN client. When enabled, a connection is established automatically. |
| 5 | VPN server address | IP address of the VPN server. |
| 6 | VPN server port | Port of the VPN server (typically port 1194). |
| 7 | LZO compression | Enables or disables LZO compression. |
| 8 | Authorization Type | Method used to authorize a client on the server. Authorization can be performed using a password, a certificate, or both simultaneously. |
| 9 | User Name | The username used for authorization when logging in with a username. |
| 10 | Password | The password used for authorization when logging in with a password. |
| 11 | CA certificate | Server certificate (Certificate Authority). Can be uploaded by clicking “Upload”. |
| 12 | User certificate | When using a client certificate, it can be uploaded using the “Upload” button. |
| 13 | Private key | When using a private key, upload the certificate using the “Upload” button. |
| 14 | Enable TLS static key | Enables the additional TLS authentication. This should always be used regardless of the user authentication mode. |
| 15 | TLS static key | When using a TLS static key, it can be uploaded using the “Upload” button. |
| 16 | Enable Watchdog | Enables the watchdog ping to check the connection status. |
| 17 | Watchdog period | Ping frequency of the watchdog in seconds. |
| 18 | Watchdog timeout | Timeout of the watchdog ping / the connection is considered interrupted. |
| 19 | IP address or hostname of ping destination | IP address used to check the VPN connection. |
Technical editorial notes:
After you have clicked the “Save” button, the settings you made will be saved. (Also click the floppy disk icon at the top right to permanently store the configuration.) The OpenVPN client will now start establishing the connection.
OpenVPN cannot independently monitor the connection status. Therefore, use the watchdog ping function to verify the connection status.
To test the connection, use an address within the VPN. Normally, the address of the OpenVPN server is used. If you have set a timeout, it should be at least three times longer than the ping period! If no successful ping is transmitted to the specified address within this time window, the connection is considered interrupted. The system will then attempt to establish a new connection to the OpenVPN server.