Open the OpenVPN dialog to configure camera's OpenVPN client settings.
For more information about OpenVPN, visit the OpenVPN Community website.
Creating an OpenVPN connection requires a corresponding server, which provides secure access to the camera. To do so, you could run your own OpenVPN server or use the service from an OpenVPN provider.
Parameter |
Description |
---|---|
OpenVPN |
Enables or disables the OpenVPN client. |
Server Address |
Enter the address to which the OpenVPN client will connect. |
Server Port |
Enter the port to which the OpenVPN server is listening for incoming connections. (OpenVPN option |
Encryption |
Select the encryption cipher that is being used. The encryption ciphers are included in the OpenSSL library. For additional information on this topic, see the following websites: |
Communication Protocol |
Depending on the OpenVPN server settings, you can choose UDP or TCP. |
LZO Compression |
Use this option to enable LZO data compression. For more information about LZO, see www.oberhumer.com. |
Maximum Fragment Size |
UDP only! Set the size of the data fragments to n bytes. This can help prevent the fragmentation of UDP packets. (OpenVPN option |
mssfix Size |
UDP only! Improves the TCP connection over the UDP tunnel by reducing the TCP packet size. (OpenVPN option |
TUN Device MTU |
Set the MTU of the used TUN device. This depends on the connection type used. (OpenVPN option |
MTU Test |
UDP only! This test can help in finding good MTU parameters. Do not use this test in normal operation mode. |
Ping Interval |
Sends a ping to the remote server over the tunnel if no packets have been sent for at least n seconds. This option keeps the tunnel open if the connection between the camera and the server runs over a stateful inspection firewall. (OpenVPN option |
Ping Restart |
If the remote server is not sending a ping or other packet for more than n seconds, the OpenVPN client on the camera will restart the connection. (OpenVPN option |
Renegotiation |
Renegotiates the data channel key after n seconds (default is 3600s). Once the timeout is reached on either the server or the client side, the camera starts the renegotiation process. Setting this value to 0 disables client-side renegotiation. (OpenVPN option |
Parameter |
Description |
---|---|
VPN Certificates |
If the private key is protected by a Passphrase, enter the corresponding Passphrase in this field. The keyfiles can managed in the Manage VPN Certificates dialog. |
VPN User Name |
Enter the OpenVPN user name in this field. (OpenVPN option |
VPN Password |
Enter the OpenVPN password in this field. (OpenVPN option |
Parameter |
Description |
---|---|
VPN Logging Level |
|
The Manage VPN Certificates dialog manages the certificates that are used to establish OpenVPN connections.
To authenticate the server against the camera, a certificate from an Certificate Authority (CA) is required. In addition, it is possible to use an RSA-based public/private key pair to authenticate the camera against the server.
Parameter |
Description |
---|---|
Certificate Authority (CA) Certificate |
Use this section to store a new certificate from a CA in the camera. Upload: uploads a certificate in .PEM format to the camera. Delete: Removes the certificate. |
Client Certificate |
Use this section to store a new public key in the camera for authenticating the camera against the server. Upload: uploads a certificate in .PEM format to the camera. Delete: Removes the certificate. |
Client Key |
The private key contains the secret part of the public/private key authentication scheme. Use this section to store a new private key in the camera. Upload: uploads a private key in .PEM format to the camera. Delete: Removes the private key. To enter the Passphrase, go back to the OpenVPN dialog. |
1. |
Which types of VPN are supported? |
This implementation currently supports the OpenVPN protocol in point-to-point mode (routing). |
|
2. |
Which type of encryption is used? |
You can select different encryption ciphers depending on the requirements of the server. |
|
3. |
How can I recognize if a connection is valid or not? |
The VPN log file should contain the message " |
|
4. |
Why aren't the certificates accepted by the server? |
|
1. |
The camera cannot establish a connection to the OpenVPN server. |
|
|
2. |
TLS ERROR |
|
|
3. |
No client-side authentication method is specified. |
|
|
4. |
Network is unreachable, Check your network connectivity. |
|
|
5. |
HOST_NOT_FOUND, Cannot resolve host address, The specified host is unknown |
|
|
6. |
Write to TUN/TAP: Invalid argument (code=22) |
Make sure that you are using the same settings for LZO Compression on the server and the client. |
設定 ボタンをクリックすると、次にカメラが再起動するまでの間、設定内容が保存され有効になります。
出荷時設定 ボタンをクリックして、このダイアログに工場出荷時設定値をロードします (このボタンはすべてのダイアログにはありません)。
リストア ボタンをクリックすると、カメラに永久保存される前の直近の変更が元に戻ります。
閉じる ボタンをクリックするとダイアログが終了します。ダイアログを終了している間、システムは設定全体に変更があるかどうか確認をします。設定に変更が検出されると、システム設定値を永久に保存するかどうか確認されます。