OpenVPN Access Server is a fully featured secure network tunnelling VPN software solution that integrates OpenVPN server capabilities, enterprise management capabilities, simplified OpenVPN Connect UI, and OpenVPN Client software packages that accommodate Windows, MAC, Linux, Android, and iOS environments.
Read our tutorials and guides on how to implement new tools and technologies for your business with VitalPBX here.
OpenVPN Access Server supports a wide range of configurations, including secure and granular remote access to the internal network and/ or private cloud network resources and applications with fine-grained access control. To install the OpenVPN module you must go to the Admin/Add-ons/Add-ons menu. Press Check-Online and install VitalPBX OpenVPN. The free version is limited only to the creation of two VPN Clients.
OpenVPN Server
In this tab, you may configure the OpenVPN server and monitor its status
We will explain the meaning of all the fields who compounds the server configuration:
- Enabled, shows the current status of the OpenVPN service.
- Port, the port that OpenVPN should listen on.
- Server Range, this defines the virtual IP range to be used in the VPN tunnel network. e.g.: if you use as range the IP address 10.8.0.0, the server IP Address will be 10.8.0.1 and the first client will be assigned the IP Address 10.8.0.2.
- Public Host, remote host or IP address on the client, which specifies the OpenVPN server.
- Keep-Alive, the keepalive directive causes ping-like messages to be sent back and forth over the link so that each side knows when the other side has gone down. All values in seconds.
- Redirect Gateway, if enabled, this directive will configure all clients to redirect their default network gateway through the VPN, causing all IP traffic such as web browsing and DNS lookups to go through the VPN (The OpenVPN server machine may need to NAT or bridge the TUN/TAP interface to the internet in order for this to work properly).
- Primary DNS, Primary DNS to use when the “Redirect Gateway” option is enabled.
- Secondary DNS, Secondary DNS to use when the “Redirect Gateway” option is enabled.
- Max Clients, the maximum number of concurrently connected clients we want to allow.
- Compression, allows you to define the type of compression to use between server & clients traffic.
Adding OpenVPN Client
- Description, a short description to identify this OpenVPN client.
- Fixed IP, allows you to assign a specific IP address to this client.
- Type, it allows to define the type of client, depending on it, the configuration that is downloaded will vary.
- Enabled, it allows you to enable or disable this user.
OpenVPN Clients
In this tab you may monitor the configured clients, also you may execute some actions that we will explain below
- Description, a short description to identify this OpenVPN client.
- Assigned IP, IP Address assigned at the time of the VPN connection.
- Real Address, the IP Address from where the VPN request comes.
- Connected, connection status.
- Packets Rx/Tx, Packages received and transmitted.
- Connected Since, it shows how long the connection has been established.
- Enabled, it allows you to enable or disable this user.
- Actions
Edit, modify the client
Download, download the config file to be installed on the client.
Delete, delete the client.
OpenVPN Desktop Client Setup [ Windows ]
- Download and Install the OpenVPN Desktop Client
- Create OpenVPN Client and Download Config File
- Download the OpenVPN Config file from your VitalPBX Server.
- Add OpenVPN Configuration File to the Desktop Client
- Run the OpenVPN Client. Go to Tray Bar, select OpenVPN Icon + Right-Click. Then Import File.
- Locate and unzip your OpenVPN configuration file (client_full.ovpn) and import it.
- Connect to OpenVPN
Notes:
An IP Address will be assigned corresponding to the range programmed in the Server section. Remember that the IP Address to reach VitalPBX is the first Address in that range, that is, if we have the range 10.8.0.0, the IP Address of the PBX will be 10.8.0.1.
When you create the SIP extension to connect remember that to have audio it is necessary for the configuration of NAT to be Force, Comedia.
If you experience audio problems, add in SETTINGS/Technology Settings/PJSIP Settings the Local Net with the range declared in OpenVPN.
In future articles, we will explain how to connect as Client phones for brands such as Grandstream, Yealink, etc. as well as Android and iPhone phones.
Learn more about VitalPBX, our services and how we can help you achieve your goals in our official website.