System Description
#cp/etc/easy-rsa/pki/ca.crt/etc/openvpn/
#cp/etc/easy-rsa/pki/dh.pem/etc/openvpn/
#cp/etc/easy-rsa/pki/issued/server.crt/etc/openvpn/
#cp/etc/easy-rsa/pki/private/server.key/etc/openvpn/
(11)Copythefollowingfiles toyourmachine:(Thesewillberequiredbytheclient)
/etc/easy-rsa/pki/ca.crt
/etc/easy-rsa/pki/issued/smallsatcom.crt
/etc/easy-rsa/pki/private/smallsatcom.key
(12)Openport1194inthefirewalbygoingtoNetwork->Firewall.Then“TraffiRules”taband
clickAddonthebottom.Enterthefollowingconfiguration
•Name:openvpn-udp
•Protocol:UDP
•Sourcezone:wan
•Destinationzone:Device(input)
•Destinationport:1194
•Action:Accept
(13)UsingtheLUCIWebUISelectVPN->OpenVPN.Thenentersmallsatcom_tapintheinstance
namebelow“T emplateBasedConfiguration”Select“Serverconfiguration foranethernet
bridgeVPN”fromthetemplatelistandclickAdd.ClickEditnexttothenewlyaddedinterface.
(14)(Somefields might bemissing;thesecanbeaddedbygoingtothebottomofthepageand
selectingitfromthe“Additional-fielddrop-downmenu.)Enterthefollowingconfiguration
•verb:3
•port:1194
•dev_type:tap
•server_bridge:192.168.1.1255.255.255.0192.168.1.128192.168.1.254
•comp_lzo:yes
•keepalive:1060
•ca:[clickonFilenotaccessibleandselectca.crt]
•dh:[clickonFilenotaccessibleandselectdh.pem]
•cert:[clickonFilenotaccessibleandselectserver.crt]
•key:[clickonFilenotaccessibleandselectserver.key]
•proto:udp
(15)ClickSave&Apply,thenBacktoOverview.
(16)Tickthe“Enabled”boxnexttothe“smallsatcom_tap”line.Save&ApplyandthenStartthe
VPNServer.
(17)OpenLANinterfacesettings,goto“PhysicalSettings”tabandadd“tap0”totheinterfacesfrom
drop-downlist.Save,thenSave&Apply.
(18)ReboottheroutertoApplyallchanges.
(19)Serverconfiguration iscomplete.
Page 47
18 Feb 2021
©HoneywellInternationalInc.DonotcopywithoutexpresspermissionofHoneywell.
SYSTEM DESCRIPTION, INSTALLATION, AND MAINTENANCE MANUAL
SMALL SATCOM