Inhaltsverzeichnis   MOBOTIX Online-Hilfe

OpenVPN Configuration

Open the OpenVPN dialog to configure camera's OpenVPN client settings.

For more information about OpenVPN, visit the OpenVPN Community website.


Requirements

Creating an OpenVPN connection requires a corresponding server, which provides secure access to the camera. To do so, you could run your own OpenVPN server or use the service from an OpenVPN provider.


General OpenVPN Setup

Parameter Description
OpenVPN Enables or disables the OpenVPN client.
Server Address Enter the address to which the OpenVPN client will connect.
Server Port Enter the port to which the OpenVPN server is listening for incoming connections.
(OpenVPN option --rport port)
Cipher Select the encryption cipher that is being used.
The encryption ciphers are included in the OpenSSL library.
For additional information on this topic, see the following websites:
Communication Protocol Depending on the OpenVPN server settings, you can choose UDP or TCP.
LZO Compression Use this option to enable LZO data compression. For more information about LZO, see www.oberhumer.com.
Maximum Fragment Size UDP only! Set the size of the data fragments to n bytes. This can help prevent the fragmentation of UDP packets.
(OpenVPN option --fragment max)
mssfix Size UDP only! Improves the TCP connection over the UDP tunnel by reducing the TCP packet size.
(OpenVPN option --mssfix max)
TUN Device MTU Set the MTU of the used TUN device. This depends on the connection type used.
(OpenVPN option --tun-mtu n)
MTU Test UDP only! This test can help in finding good mtu parameters. Do not use this test in normal operation mode.
Ping Interval Sends a ping to the remote server over the tunnel if no packets have been sent for at least n seconds. This option keeps the tunnel open if the connection between the camera and the server runs over a stateful inspection firewall.
(OpenVPN option --ping n)
Ping Restart If the remote server is not sending a ping or other packet for more than n seconds, the OpenVPN client on the camera will restart the connection. (OpenVPN option --ping-restart n)
Renegotiation Renegotiates the data channel key after n seconds (default is 3600s). Once the timeout is reached on either the server or the client side, the camera starts the renegotiation process. Setting this value to 0 disables client-side renegotiation.
(OpenVPN option --reneg-sec n)

Authentication

Parameter Description
VPN Certificates If the private key is protected by a Passphrase, enter the corresponding Passphrase in this field. The keyfile can managed in the Manage VPN Certificates dialog.
VPN User Name Enter the OpenVPN user name in this field.
(OpenVPN option --auth-user-name)
VPN Password Enter the OpenVPN password in this field.
(OpenVPN option --auth-user-pass)

Logging Options

Parameter Description
VPN Logging Level
  • 0: No output except fatal errors
  • 1: Small amount of status information
  • 2: More status information, e.g., certification and encryption status
  • 3: Even more status information
  • 4: Full status information

Manage VPN Certificates

The Manage VPN Certificates dialog manages the certificates that are used to establish OpenVPN connections.

To authenticate the server against the camera, a certificate from an Certificate Authority (CA) is required. In addition, it is possible to use an RSA-based public/private key pair to authenticate the camera against the server.

Parameter Description
Certificate Authority (CA) Certificate

Use this section to store a new certificate from a CA in the camera.

Upload: uploads a certificate in .PEM format to the camera.
Delete: removes the certificate.

Client Certificate

Use this section to store a new public key in the camera for authenticating the camera against the server.

Upload: uploads a certificate in .PEM format to the camera.
Delete: removes the certificate.

Client Key

The private key contains the secret part of the public/private key authentication scheme. Use this section to store a new private key in the camera.

Upload: uploads a private key in .PEM format to the camera.
Delete: removes the private key.

To enter the Passphrase, go back to the OpenVPN dialog.

FAQs and Error Messages

Frequently Asked Questions

Error Messages

Additional Information


Konfiguration sichern

Klicken Sie auf Setzen, um die Einstellungen zu aktivieren und bis zum nächsten Neustart der Kamera zu sichern.

Klicken Sie auf Voreinstellung, um diesen Dialog auf die werkseitigen Voreinstellungen zurückzusetzen (dieser Button wird nicht in allen Dialogen angezeigt).

Klicken Sie auf Wiederherstellen, um alle Änderungen seit dem letzten permanenten Speichern der Konfiguration zu verwerfen.

Beenden Sie den Dialog durch Klick auf Schließen. Hierbei wird geprüft, ob Änderungen der Gesamtkonfiguration vorliegen. Ist dies der Fall, werden Sie gefragt, ob die Gesamtkonfiguration dauerhaft gesichert werden soll.

de, en

© 2001-2019 MOBOTIX AG, Germany · http://www.mobotix.com/