User`s guide

ManualsBrandsDigi ManualsComputer equipmentTransPort WR41

221

222

223

224

225

226

227

228

229

230

222

TLS auth password / Confirm TLS auth password

This allows the OpenVPN instance to use an extra level of security by having a TLS

password configured.

Push IP address #1/#2/#3

When configured as an OpenVPN server, these parameters can be used to push subnets to

the client that need to be routed via the OpenVPN server. Used in conjunction with the

Push Mask parameter below.

Push mask #1/#2/#3

Used with the Push IP address parameter above to define subnets that should be routed via

the OpenVPN server.

Push DNS server address #1/#2

When configured as an OpenVPN server, these parameters can be used to push DNS server

settings to the OpenVPN client.

Pull interface IP address

When configured as an OpenVPN client, this option must be enabled for the router to obtain

and use the local IP address supplied from the OpenVPN server.

Pull routes

When configured as an OpenVPN client, this option must be enabled for the router to use

routes sent from the OpenVPN server.

Pull DNS server addresses

When configured as an OpenVPN client, this option must be enabled for the router to use

DNS servers sent from the OpenVPN server.

Packet replay ID window

When set to a non-zero value, this enables sequence number replay detection. It indicates

the number of packet IDs lower than the current highest ID to allow out of sequence.

Packet replay time window (seconds)

Set to a non-zero value to enable time tracking of incoming packets.

OpenVPN TX ping interval (seconds)

Interval between OpenVPN ping transmissions. These are required to detect the operational

state of the VPN connection.

OpenVPN RX ping timeout (seconds)

The number of seconds, after which no OpenVPN ping has been received, the VPN will be

marked as down.

Include IV

Enabling this option on includes an IV at the head of an encrypted packet. If one peer

prepends this IV and the other isn’t expecting it, packet decryption will fail.

Key negotiation timeout (seconds)

Maximum time in seconds to allow for a data channel key negotiation.

Key renegotiation interval (seconds)

Interval between key re-negotiations.

Key renegotiation bytes

If non-zero, a key renegotiation will take place after this many bytes have travelled through

the data channel (in either direction).