Data VPN Settings
The Data VPN Settings screen is used to define settings for a Data VPN Settings Profile that Stellar Access Points will use to access remote functionality. An Access Point retrieves the Data VPN Server Profile to use from the AP Group to which the Access Point belongs. Each AP Group is associated with a Provisioning Configuration. Access Points that are members of the AP Group utilize the Provisioning Configuration to boot up and get a basic configuration. The associated Provisioning Configuration is where the name of the Data VPN Server Profile to use is defined. A Data VPN Settings Profile is also specified when configuring a Data VPN Tunnel Profile.
Use the Data VPN Settings screen to display information about configured Data VPN Server Profiles. This screen is also used to create, edit, delete, and export Data VPN Server Profile Settings.
To access the Data VPN Settings screen, click on Wireless > Data VPN Settings under the “Configure” section of theOmniVista Cirrus Menu. The Data VPN Settings screen displays.
Creating a Data VPN Server Profile
The Create Data VPN Setting screen is used to define settings for a Data VPN Server Profile. To access this screen, click on Create Data VPN Setting.
Complete the following sections of the Create Data VPN Setting screen to define the settings for a Data VPN Server Profile:
Basic Information - Configures identifying information for the Data VPN Server Profile (for example, profile name, the public and VPN IP address for the VPN Server, and optional description).
VPN Clients IP Address Pool - Creates an IP pool that is used to assign IP addresses to clients connecting to the VPN tunnel.
Encryption Keys - Configure or automatically generate a public and private key to provide secure communication between the Data VPN Server and client.
Basic Information
Complete the fields as described below to define the basic information settings for the Data VPN Server Profile:
Name - A unique, user-defined name to assign to the Data VPN Server Profile. (1 - 64 characters)
Note that the name setting only allows lowercase, uppercase, numeral, special characters(_ -), and cannot start with “-” or contain a space between words (for example, entering “Data_Center_VPN” is allowed, but “Data Center VPN” is not).VPN Server Public IP - The public IP address of the Data VPN Server.
VPN Server Public Port - The network port of the Data VPN Server. (Range = 1 - 65535)
VPN Server Private IP - The VPN IP address of the Data VPN Server. The IP address must be within the specified IP Range.
TCPMSS - The TCP Maximum Segment Size (TCP MSS) attribute can be used to control the maximum size of packets going out through a connection. Specifically, it will cause the AP and VPN Server to choose a smaller TCP window and frame size to avoid fragmentation as much as possible. This is especially useful for Dual-stack Lite(DS-Lite) ISP connections
Description - Optional description for the Data VPN Server Profile. (1 - 255 characters)
VPN Clients IP Address Pool
Select the IP Range or Shorthand Mask radio button and complete the fields as described below to create the IP pool from which IP addresses will be assigned to clients connecting to the VPN tunnel.
IP Range
Enter the Starting and Ending IP Address in the range and Subnet Mask (for example., Starting IP Address = 192.168.1.1, Ending IP Address = 192.168.1.254 with subnet mask = 255.255.255.0).
Note: The pool for VPN Clients must contain the VPN Server Private IP.
Shorthand Mask
Enter the IP pool shorthand mask format (for example, 192.168.1.0/24).
Encryption Keys
The Public and Private key for the server is automatically generated by default. To configure the encryption keys, uncheck the box next to the “Automatically Generate” option.
Server's Public Key - The Data VPN Server’s public key used for secure communication between the Data VPN Server and client.
Server's Private Key - The Data VPN Server’s private key used for secure communication between Data VPN Server and client.
When you are done completing the Basic Information, VPN Clients IP Address Pool, and Encryption Keys sections, click on Create at the bottom-right of the screen.
Editing a Data VPN Setting
Select the Data VPN Server Profile that you want to edit from the Data VPN Settings List, then click on Edit from the “Actions” drop-down menu. The Edit Data VPN Setting screen opens. Edit the fields as described in Creating a Data VPN Server Profile, then click on Save to retain your changes.
Deleting a Data VPN Setting
Select the Data VPN Server Profile that you want to delete from the Data VPN Settings List, then click on Delete from the “Actions” drop-down menu. Click Delete on the Confirmation Prompt to confirm that you want to delete the profile.
Exporting a Data VPN Setting
Select a Data VPN Server Profile in the Data VPN Settings List and click on Export at the top of the list. The settings will be downloaded in a .conf file to your Download Directory. You can then import the settings into a Remote Data VPN Server.
Data VPN Settings List
The Data VPN Settings List displays the following information for each Data VPN Server Profile:
Name - User-configured name for the Data VPN Server. It must be unique. (1 - 64 characters)
Description - A description of the Data VPN Server. (1 - 255 characters)
VPN Server Public IP - The public IP address of the Data VPN Server.
VPN Server Private IP - The VPN IP address of the Data VPN Server.
VPN Server Public Port - The network port of the Data VPN Server.
TCPMSS - The TCP MSS value, if used.
VPN Clients IP Address Pool - Whether IP Range or Shorthand Mask is used to specify the IP address pool from which IP addresses are assigned to clients connecting to the VPN tunnel.
Network IP Address - Displays the network IP address if the Shorthand Mask option is used to specify the Client VPN IP Address Pool,
Length IP Address - Displays the length of the IP address if the Shorthand Mask option is used to specify the Client VPN IP Address Pool.
Start IP Address - Displays the starting IP address if the IP Range option is used to specify the Client VPN IP Address Pool.
End IP Address - Displays the ending IP address if the IP Range option is used to specify the Client VPN IP Address Pool.
Subnet Mask - Displays the value of the subnet mask if the IP Range option is used to specify the Client VPN IP Address Pool.