TrueNAS CORE
TrueNAS Enterprise
TrueNAS SCALE
TrueCommand
Compare Editions
Software Status
FreeNAS
Systems Overview
M-Series
X-Series
R-Series
Mini Series
Download TrueNAS CORE
Download TrueNAS SCALE
Get TrueNAS EnterpriseOpenVPN
3 minute read.
Last Modified 2022-12-01 12:22 -0500The OpenVPN widget on the Network screen displays OpenVPN Client and Server statuses. Use this to manually stop and start OpenVPN Client and Server services.
Clicking Client opens the Open VPN Client configuration form.
| Setting | Description |
|---|---|
| Client Certificate | Choose a valid client certificate which exists on this system and hasn’t been revoked. |
| Root CA | The Certificate Authority (CA) must be the root CA you used to sign the client and server certificates. |
| Remote | A valid IP address or domain name to which OpenVPN will connect. |
| Port | The port that the OpenVPN connection is to use. |
| Authentication Algorithm | Choose an algorithm to authenticate packets. |
| Cipher | Choose a cipher algorithm to encrypt data channel packets. |
| Compression | Choose a compression algorithm for traffic. Leave empty to send data uncompressed. LZO is a standard compression algorithm that is backward compatible with previous (pre-2.4) versions of OpenVPN. LZ4 is newer and typically faster and requires fewer system resources. |
| Protocol | Choose between UDP or TCP OpenVPN protocols. UDP sends packets in a continuous stream. TCP sends packets sequentially. UDP is usually faster and less strict about dropped packets than TCP. To force the connection to be IPv4 or IPv6, choose one of the 4 or 6 UDP or TCP options. |
| Device Type | Use a TUN or TAP virtual networking device and layer with OpenVPN. The device must be identical between the OpenVPN server and clients. |
| Nobind | Enable to prevent binding to local address and port. Must be enabled if OpenVPN client and server are to run concurrently. |
| TLS Crypt Auth Enabled | Enable/disable TLS Web Client Authentication. |
| Additional Parameters | Additional parameters. |
| TLS Crypt Auth | Provide static key for authentication/encryption of all control channel packets when tls_crypt_auth_enabled is enabled. |
Clicking Server opens the Open VPN Server configuration form.
| Setting | Description |
|---|---|
| Server Certificate | Choose a valid server certificate which exists on this system and hasn’t been revoked. |
| Root CA | The Certificate Authority (CA) must be the root CA you used to sign the client and server certificates. |
| Server | Enter the IP address and netmask of the server. |
| Port | The port that the OpenVPN connection is to use. |
| Authentication Algorithm | Choose an algorithm to authenticate packets. |
| Cipher | Choose a cipher algorithm to encrypt data channel packets. |
| Compression | Choose a compression algorithm for traffic. Leave empty to send data uncompressed. LZO is a standard compression algorithm that is backward compatible with previous (pre-2.4) versions of OpenVPN. LZ4 is newer and typically faster and requires fewer system resources. |
| Protocol | Choose between UDP or TCP OpenVPN protocols. UDP sends packets in a continuous stream. TCP sends packets sequentially. UDP is usually faster and less strict about dropped packets than TCP. To force the connection to be IPv4 or IPv6, choose one of the 4 or 6 UDP or TCP options. |
| Device Type | Use a TUN or TAP virtual networking device and layer with OpenVPN. The device must be identical between the OpenVPN server and clients. |
| Topology | Configure virtual addressing topology when running in TUN mode. (TAP mode always uses a SUBNET topology.) |
| TLS Crypt Auth Enabled | Enable/disable TLS Web Client Authentication. |
| Additional Parameters | Additional parameters. |
| TLS Crypt Auth | Provide static key for authentication/encryption of all control channel packets when tls_crypt_auth_enabled is enabled. |
The and buttons start and stop the OpenVPN server and client.