Technical data

4. Packages
OPENVPN_x_REMOTE_HOST_N Default: OPENVPN_x_REMOTE_HOST_N='0'
Dynamic DNS services are not always 100% reliable. You may simply use two or
more of those DynDNS services and register your current IP address with all of them at
the same time. To let OpenVPN try all of these DynDNS names, a list of
additional DNS names has to be set. Together with OPENVPN_x_REMOTE_HOST, OpenVPN
will try to contact these addresses in random order. Hence OPENVPN_x_REMOTE_HOST has
to exist and be configured correctly!
OPENVPN_x_REMOTE_HOST_x Default: OPENVPN_x_REMOTE_HOST_x=''
The same description as above applies here; see OPENVPN_x_REMOTE_HOST (Page 163).
OPENVPN_x_REMOTE_PORT Default: OPENVPN_x_REMOTE_PORT=''
Each OpenVPN connection needs an unused port on the fli4l router. It
is advised to use ports above 10000 because those are not commonly used. When configuring
a connection for a remote station with a dynamically changing IP address that has no
DynDNS address, omit this entry as well as OPENVPN_x_REMOTE_HOST.
OPENVPN_x_LOCAL_HOST Default: OPENVPN_x_LOCAL_HOST=''
Specifies the IP address OpenVPN will bind to. For connections over the Internet this
entry should be omitted completely. If an address is set here, OpenVPN will only listen
for incoming traffic on this IP. If you want to secure a WLAN connection, you should set
the IP address of fli4l’s WLAN interface card here.
OPENVPN_x_LOCAL_PORT Default: OPENVPN_x_LOCAL_PORT=''
Specifies the port number the local OpenVPN daemon will listen on. For each OpenVPN
connection you need a reserved port that can only be used by this connection.
Other software on the router is not allowed to use this port. OPENVPN_x_REMOTE_PORT
and OPENVPN_x_LOCAL_PORT of each OpenVPN connection have to match! If
OPENVPN_x_REMOTE_PORT='10111' is set on one side of the tunnel, OPENVPN_x_LOCAL_PORT='10111'
has to be set on the other side as well.
Again: It is very important to match these settings to the corresponding remote OpenVPN
station, otherwise a connection between the OpenVPN partners is not possible.
To be able to listen for incoming connections, OpenVPN itself opens the port set in
OPENVPN_x_LOCAL_PORT in the packet filter. If this is not what you want, you may
change this behavior in OPENVPN_DEFAULT_OPEN_OVPNPORT (Page 170). It is not necessary
to set OPENVPN_DEFAULT_OPEN_OVPNPORT='yes' because this is the default behavior!
OpenVPN does not work with ports lower than 1025. If, for example, OpenVPN should work as
a TCP server on port 443 (the HTTPS port), you have to forward this port via the packet filter
to a port above 1024. If, for example, OpenVPN is listening on port 5555 and port 443 should be
forwarded there, PF_PREROUTING has to be set like this:
PF_PREROUTING_5='tmpl:https dynamic REDIRECT:5555'
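The port rules described above (REMOTE_PORT on one side equals LOCAL_PORT on the other, no local port below 1025, one reserved local port per connection) can be checked mechanically before a tunnel is put into service. The following Python sketch is an added example, not part of the fli4l documentation or its tooling; the two sample configurations, the host names and all function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample configs for the two routers of one tunnel (not from the fli4l docs).
ROUTER_A = """
OPENVPN_1_REMOTE_HOST='b.example.org'
OPENVPN_1_REMOTE_PORT='10111'
OPENVPN_1_LOCAL_PORT='10112'
OPENVPN_2_LOCAL_PORT='443'
"""
ROUTER_B = """
OPENVPN_1_REMOTE_HOST='a.example.org'
OPENVPN_1_REMOTE_PORT='10113'
OPENVPN_1_LOCAL_PORT='10111'
"""

PORT_VAR = re.compile(r"^OPENVPN_(\d+)_(LOCAL|REMOTE)_PORT='(\d+)'", re.M)

def ports(config):
    """Map (connection index, 'LOCAL' or 'REMOTE') to the configured port number."""
    return {(int(n), side): int(port) for n, side, port in PORT_VAR.findall(config)}

def check_router(name, config):
    """Problems visible on one router alone: port below 1025, or a local port used twice."""
    local = {n: p for (n, side), p in ports(config).items() if side == "LOCAL"}
    problems = [f"{name}: OPENVPN_{n}_LOCAL_PORT={p} is below 1025"
                for n, p in sorted(local.items()) if p < 1025]
    reused = [p for p, count in Counter(local.values()).items() if count > 1]
    problems += [f"{name}: local port {p} is used by more than one connection"
                 for p in sorted(reused)]
    return problems

def check_tunnel(cfg_a, n_a, cfg_b, n_b):
    """Compare connection n_a on router A with connection n_b on router B."""
    a, b = ports(cfg_a), ports(cfg_b)
    problems = []
    for here, remote, there, local in (
            ("A", a.get((n_a, "REMOTE")), "B", b.get((n_b, "LOCAL"))),
            ("B", b.get((n_b, "REMOTE")), "A", a.get((n_a, "LOCAL")))):
        # REMOTE_PORT may be omitted for a peer with a dynamic IP and no DynDNS name.
        if remote is not None and remote != local:
            problems.append(f"{here} REMOTE_PORT={remote} does not match {there} LOCAL_PORT={local}")
    return problems

if __name__ == "__main__":
    for line in (check_router("A", ROUTER_A) + check_router("B", ROUTER_B)
                 + check_tunnel(ROUTER_A, 1, ROUTER_B, 1)):
        print(line)
```

On the constructed input, router A's second connection is flagged because it listens on 443 directly instead of being reached through a PF_PREROUTING redirect, and router B's REMOTE_PORT is flagged because it does not match router A's LOCAL_PORT.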
OPENVPN_x_SECRET Default: OPENVPN_x_SECRET=''
164