The routers of INSYS icom can act as OpenVPN server and/or establish connections to an OpenVPN server as OpenVPN client.
This Configuration Guide shows how to configure an INSYS icom router as OpenVPN client.
The description in this Configuration Guide follows a configuration in the new user interface (web interface) available from icom OS 5.5. Update your router to the latest version of icom OS for the required functionality of the new user interface. The description of this configuration in the classic web interface is available in this Configuration Guide.
Situation
The router shall be included into an existing OpenVPN network as client.
Solution
The Startup wizard of the router permits to prepare an optional OpenVPN connection besides the configuration of Internet access.
It is prerequisite that the respective certificates and keys or an OpenVPN configuration file are available and the configuration of the server is known. We act on the assumption that the router is in default settings for the following proceeding.
|
Update your router to iom OS 7.3 or later first! All encryption algorithms that are no longer considered sufficiently secure have been removed starting with this version, which eliminates the possibility of such algorithms being used inadvertently. |
Configuration via web interface
-
Open the user interface of the router in a browser: insys.icom [1]
-
Click on To Startup wizard under
Startup wizard on the splash screen. -
Click in the
Wizards → Startup wizard menu on START 
. -
If necessary, change the settings for System time and click on NEXT
. -
Enter a User name and Password for Authentication or configure an Authentication through certificates and click on NEXT
. -
Configure the Internet connection and click on NEXT
. -
Select under Type of VPN connection OpenVPN and as Client as Mode.
-
If you have an OpenVPN configuration file, select Import Client Configuration (.ovpn) and upload the configuration file in the field below. [2].
-
If you configure the OpenVPN client manually, select Manual client configuration and configure the connection to the OpenVPN server manually:
-
Enter the address of the OpenVPN server as VPN server address.
-
Enter the port addresses of the tunnel used by the OpenVPN server local and remote for Tunneling via port.
-
Upload the necessary certificates and keys.
-
-
-
Click on NEXT icon: menu-right_white] .
-
If necessary, modify the LAN settings and click on NEXT
. -
Click on SUBMIT to save the settings of the Startup wizard.
-
Click on FINALIZE
to complete the Startup wizard.
Functional test
Open the 
Status → Dashboard page in the menu and observe the establishment of the WAN chain with the OpenVPN tunnel in the WAN chain section.
Troubleshooting
-
The status of the WAN chain and their interfaces is displayed on the
Status → Dashboard page.
If an interface does not achieve the online condition, its condition can also be examined on this page. -
When configuring the OpenVPN connection with the Startup wizard, only the most important settings are made, but in most cases these are sufficient to establish a connection. If this is not possible, check the detailed settings of the OpenVPN connection. To do this, click on
in the line of the created OpenVPN interface in the 
Network → Interfaces menu in the OpenVPN section to check or edit the settings.
Click on 
to extended view at the top right to show the detailed settings. -
In case the OpenVPN server requires a static key for authentication and encryption (tls-crypt) or only for authentication (tls-auth) additionally, or a user name/password combination for authentication additionally, these need to be configured also.
-
If no network traffic is achieved, the tools integrated in the router can be used for debugging.
-
Check in the
Status → Log-View menu the messages in the OpenVPN log. [3]. -
Disable the IP filters for IPv4 in the
Network → Firewall / NAT menu under Settings IP filter to check whether incorrect filter settings are the reason for connection problems.
Back to the Configuration Guides for icom OS Smart Devices
Back to overview