1 前言
在OpenVPN连接两个局域网(使用华硕RT-AC87U)这篇文章中,我详细讲述了使用ASUS RT-AC87U的OpenVPN功能架设VPN的方案及隐藏在路由器界面背后的配置。这篇文章的目的,是把这些背后的配置同路由器配置界面上的配置选项联系起来。
2 配置
下表是AC87U的OpenVPN配置界面配置项与OpenVPN本身配置选项的关系。后面的附图,是AC87U OpenVPN配置界面。
| AC87U | OpenVPN |
|---|---|
| Interface Type | --dev tunX | tapX |
| Protocol | --proto p |
| Server Port | --port port |
| Firewall | Not sure |
| Authorization Mode | --tls-server & --secret ( Not sure ) |
| Username/Password Auth. Only | --client-cert-not-required ( Not sure ) |
| Extra HMAC authorization (tls-auth) | --tls-auth file [direction] |
| VPN Subnet / Netmask | --server network netmask |
| Poil Interval ( 0 to disable ) | Not sure |
| Push LAN to clients | --push "route network mask" ( Only push the subnet of LAN port of AC87U) |
| Direct clients to redirect Internet traffic | --push "redirect-gateway def1" |
| Respond to DNS | Not sure |
| Encryption cipher | --cipher alg |
| Compression | --comp-lzo [mode] |
| TLS Renegotiation Time ( -1 for default ) | --reneg-sec n ( Not sure ) |
| Manage Client-Specific Options | --client-config-dir dir |
| Allow Client <-> Client | --client-to-client |
| Allow only specified clients | --ccd-exclusive |
| Allowed Clients | --route network/IP [netmask] [gateway] [metric] in main configuration file and corresponding --iroute network [netmask] in files of client-config-dir directory |
Visits: 4512