Open the OpenVPN dialog to configure camera's OpenVPN client settings.
For more information about OpenVPN, visit the OpenVPN Community website.
Creating an OpenVPN connection requires a corresponding server, which provides secure access to the camera. To do so, you could run your own OpenVPN server or use the service from an OpenVPN provider.
Parameter |
Description |
---|---|
OpenVPN |
Enables or disables the OpenVPN client. |
Server Address |
Enter the address to which the OpenVPN client will connect. |
Server Port |
Enter the port to which the OpenVPN server is listening for incoming connections. (OpenVPN option |
Encryption |
Select the encryption cipher that is being used. The encryption ciphers are included in the OpenSSL library. For additional information on this topic, see the following websites: |
Communication Protocol |
Depending on the OpenVPN server settings, you can choose UDP or TCP. |
LZO Compression |
Use this option to enable LZO data compression. For more information about LZO, see www.oberhumer.com. |
Maximum Fragment Size |
UDP only! Set the size of the data fragments to n bytes. This can help prevent the fragmentation of UDP packets. (OpenVPN option |
mssfix Size |
UDP only! Improves the TCP connection over the UDP tunnel by reducing the TCP packet size. (OpenVPN option |
TUN Device MTU |
Set the MTU of the used TUN device. This depends on the connection type used. (OpenVPN option |
MTU Test |
UDP only! This test can help in finding good MTU parameters. Do not use this test in normal operation mode. |
Ping Interval |
Sends a ping to the remote server over the tunnel if no packets have been sent for at least n seconds. This option keeps the tunnel open if the connection between the camera and the server runs over a stateful inspection firewall. (OpenVPN option |
Ping Restart |
If the remote server is not sending a ping or other packet for more than n seconds, the OpenVPN client on the camera will restart the connection. (OpenVPN option |
Renegotiation |
Renegotiates the data channel key after n seconds (default is 3600s). Once the timeout is reached on either the server or the client side, the camera starts the renegotiation process. Setting this value to 0 disables client-side renegotiation. (OpenVPN option |
Parameter |
Description |
---|---|
VPN Certificates |
If the private key is protected by a Passphrase, enter the corresponding Passphrase in this field. The keyfiles can managed in the Manage VPN Certificates dialog. |
VPN User Name |
Enter the OpenVPN user name in this field. (OpenVPN option |
VPN Password |
Enter the OpenVPN password in this field. (OpenVPN option |
Parameter |
Description |
---|---|
VPN Logging Level |
|
The Manage VPN Certificates dialog manages the certificates that are used to establish OpenVPN connections.
To authenticate the server against the camera, a certificate from an Certificate Authority (CA) is required. In addition, it is possible to use an RSA-based public/private key pair to authenticate the camera against the server.
Parameter |
Description |
---|---|
Certificate Authority (CA) Certificate |
Use this section to store a new certificate from a CA in the camera. Upload: uploads a certificate in .PEM format to the camera. Delete: Removes the certificate. |
Client Certificate |
Use this section to store a new public key in the camera for authenticating the camera against the server. Upload: uploads a certificate in .PEM format to the camera. Delete: Removes the certificate. |
Client Key |
The private key contains the secret part of the public/private key authentication scheme. Use this section to store a new private key in the camera. Upload: uploads a private key in .PEM format to the camera. Delete: Removes the private key. To enter the Passphrase, go back to the OpenVPN dialog. |
1. |
Which types of VPN are supported? |
This implementation currently supports the OpenVPN protocol in point-to-point mode (routing). |
|
2. |
Which type of encryption is used? |
You can select different encryption ciphers depending on the requirements of the server. |
|
3. |
How can I recognize if a connection is valid or not? |
The VPN log file should contain the message " |
|
4. |
Why aren't the certificates accepted by the server? |
|
1. |
The camera cannot establish a connection to the OpenVPN server. |
|
|
2. |
TLS ERROR |
|
|
3. |
No client-side authentication method is specified. |
|
|
4. |
Network is unreachable, Check your network connectivity. |
|
|
5. |
HOST_NOT_FOUND, Cannot resolve host address, The specified host is unknown |
|
|
6. |
Write to TUN/TAP: Invalid argument (code=22) |
Make sure that you are using the same settings for LZO Compression on the server and the client. |
Fare clic sul pulsante Imposta per attivare le impostazioni e salvarle fino al prossimo riavvio della videocamera.
Fare clic sul pulsante Default per caricare i valori di default di questa finestra di dialogo (opzione non presente in tutte le finestre di dialogo).
Fare clic sul pulsante Ripristina per annullare le modifiche piĆ¹ recenti che non sono state memorizzate in modo permanente nella videocamera.
Fare clic sul pulsante Chiudi per chiudere la finestra di dialogo. Durante la chiusura della finestra di dialogo il sistema verifica eventuali modifiche nella configurazione. Se le rileva chiede di memorizzare in modo permanente l'intera configurazione.