The OpenVPN Server menu allows you to view and configure settings for OpenVPN Servers within the web interface. A custom configuration window allows further customization of settings.
OpenVPN is an evolving VPN implementation that employs SSL/TLS security. It has many configuration options. OpenVPN is quite forgiving and strives to maintain backwards compatibility between versions. However, there are still interoperability and other functional differences between versions. For example, clients and servers may be configured on different versions. Encryption algorithms may be negotiated differently, and so on. FreshTomato 2021.8 includes OpenVPN 2.5.
For detailed information, refer to the OpenVPN documentation and support forums here:
OpenVPN can concurrently run two differently-configured server instances (“Server 1” and “Server 2”). Each server menu has a set of tabs: “Basic”, “Advanced”, “Keys” and “Status”.
The “Basic” and “Advanced” tabs are used to configure the general setup of the servers, and to set OpenVPN configuration file “option” entries. Option settings are read by the OpenVPN server when it starts. The options set in the web interface are read first, followed by any custom options.
The “Keys” tab allows you to define various encryption keys to be used. It also allows keys to be generated directly within FreshTomato, if they are not sourced externally.
When the server is running, the “Status” tab provides an overview of currently-connected clients, routing and statistics.
Start Now: If Start with WAN is not checked, or the server is not currently running, clicking on this makes the OpenVPN server start immediately.
VPNs use virtual (software) network devices to simulate physical network adapters. OpenVPN has two main types of virtual interfaces:
TUN, (for “network TUNnel”), simulates a network layer device. TUN operates at OSI layer 3, and carries IP datagrams. TUN is used with routing. In general, TUN is used for VPN tunnels where only IP protocol is used.
TAP, (“network TAP”), simulates a layer 2, link layer device to create a network bridge. TAP carries Ethernet frames. Since TAP allows full Ethernet frames to pass through the tunnel, it also supports non-routable protocols like IPX and AppleTalk.
Other important differences include:
Common applications of TUN/TAP include:
Both clients and server must use the same Interface type(s). You cannot use TAP on clients and TUN on servers or vice versa. Some clients do not support TAP.
This option appears if you selected the TAP Interface Type. This lets you select the VLAN to which you want to bridge the clients that connect to your OpenVPN server. [Default: LAN (br0) ].
OpenVPN can run over TCP or UDP transport protocols.
UDP OpenVPN Protocol
TCP OpenVPN Protocol
This sets the port on which the OpenVPN server listens on the router's WAN interface. Make sure to configure firewall / IPTables rules to allow the traffic through this port. 1194 is the official IANA port number assignment for OpenVPN but other port numbers may be used.
OpenVPN allows peers to authenticate each other using a Static (Pre‐Shared) Key or certificates. In client‐server configuration, OpenVPN allows the server to release an authentication certificate for each client, using signature and certificate authority. OpenVPN uses the OpenSSL encryption library, as well as the SSLv3/TLSv1 protocol. It contains many security and control features.
This option selects the authorization mode for the OpenVPN Server.
This menu appears automatically if TLS Authorization mode is selected and allows a choice of security measures to be applied to the control channnel.
The TLS authentication and encryption options require the generation and (secure) distribution of various additional static keys for the server and client/s. At least one Pre-Shared-Key is required with the same key used by the server and client/s, for tls-auth and tls-crypt, whereas tls-crypt-v2 requires client-specific keys to be generated. (Ref. OpenVPN –tls-auth, –tls-crypt, –tls-crypt-v2 and –secret).
TLS requires a multi-packet exchange before it authenticates a peer. During this exchange, OpenVPN allocates memory and CPU resources to the potential peer. The potential peer exposes parts of OpenVPN and the OpenSSL library to the packets it is sending. Most successful network attacks today try to to either exploit bugs in programs (such as buffer overflow attacks) or force a program to consume so many resources that it becomes unusable. The first line of defense is always good programming. One of the main goals when coding OpenVPN was to prevent buffer overflow attacks. However, many widely-used network applications still occasionally fall to buffer overflow attacks.
OpenVPN's second line of defense is an authentication layer on top of the TLS Control channel (tls-auth). At this layer, every packet on the control channel is authenticated by an HMAC signature and a Unique ID. This authentication layer prevents replay attacks. The signature also helps protect against Denial of Service (DoS) attacks. When an unauthenticated client has limits on how much resources it can use, DoS attacks are less likely.
Enabling TLS Control Channel Security (Encrypt Channel / tls-crypt) makes FreshTomato sign every control channel packet with an HMAC signature. This includes packets sent before the TLS layer has authenticated its peer. Packets without the correct signature will be immediately dropped on receipt. As a result, such packets don't have a chance to consume additional system resources.
However, the feature is optional. The key file used with –tls-auth gives a peer only the power to initiate a TLS handshake. It is not used to encrypt or authenticate any tunnel data. Encrypt Channel should be used instead if you want to use the key file to both authenticate and encrypt the TLS control channel.
Auth Digest (Authentication Digest) is an authentication system which reduces the risks of the plaintext method used with Basic authentication. With Auth Digest, the client sends a hash of its data over the network. Thus, the client's user name and password are never sent in plaintext over the network. This reduces the risk that logon credentials could be snooped.
If Auth Digest is set to a value other than None, OpenVPN will authenticate data channel packets and tls-auth control channel packets with HMAC. To do this, it will use a message digest algorithm (SHA1, by default ). HMAC is a common Message Authentication Code algorithm (MAC) that uses a data string, a secure hash algorithm, and a key to produce a digital signature.
The OpenVPN data channel protocol uses Encrypt-then-Mac order. A packet is first encrypted, then the resulting ciphertext has HMAC applied against it. This helps prevent padding oracle attacks.
If an AEAD cipher mode (e.g. GCM) is chosen, the specified –auth algorithm is ignored for the data channel, and the authentication method of the AEAD cipher is used instead. Note that alg still specifies the digest used for tls-auth.
In Static Key encryption mode, the HMAC key is included in the key file. In TLS mode, the HMAC key is dynamically generated and shared between peers via the TLS control channel. If OpenVPN receives a packet with a bad HMAC, it will drop the packet. HMAC usually adds 16 or 20 bytes per packet.
For basic HMAC information, see: https://www.tutorialspoint.com/cryptography/message_authentication.htm
This option appears when the TUN interface type is selected. In this field, you enter the subnet and netmask used to assign addresses to OpenVPN clients.
When TUN is selected FreshTomato sets the VPN topology to “subnet”. This mode allocates a single IP address per connecting client from the subnet range. If another OpenVPN topology is required then this must be set in custom configuration. Ref. OpenVPN option “–topology”. (Successful overriding of “–topology subnet” with a different topology in custom configuration to be confirmed.)
This option appears when the TAP interface type is selected. This specifies which method will be used to assign addresses to OpenVPN clients.
DHCP — When checked, DHCP will assign addresses to your OpenVPN clients from your normal DHCP pool.
When unchecked, the Client Address Pool field appears. In this field, you can create a special pool of addresses for your VPN clients.
If set greater than zero, a watchdog polls connectivity every n minutes, to verify that OpenVPN is activated. If it finds that OpenVPN is not activated, it will restart the OpenVPN service. If set to zero, the watchdog is disabled.
If checked, this instructs OpenVPN clients to redirect all their Internet traffic through this server. In other words, this server becomes their default gateway. If unchecked, the client will perform its default routing.
On supported platforms this sets the DNS server address used by the client to be the local FreshTomato DNS. (Ref.OpenVPN “–dhcp-option”)
This field is a colon-separated list of ciphers in the order in which they are to be negotiated with the client. If nothing is defined then the server defaults to “AES-256-GCM:AES-128-GCM”.
The first cipher from the cipher-list that is also supported by the client will be pushed to clients that support cipher negotiation. If no common cipher is found during cipher negotiation, the connection is terminated.
Available ciphers: CHACHA20-POLY1305:AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
(Ref. OpenVPN “–data-ciphers”)
This enables a compression algorithm. LZO and LZ4 are different compression algorithms. LZ4 generally offers the best balance between performance and low CPU usage. For backwards compatibility with OpenVPN versions before v2.4, use “lzo” (which is identical to the older OpenVPN option “–comp-lzo yes”).
If the algorithm is set to Disabled, compression will also be disabled. However, packet framing for compression will still be enabled, allowing a different setting to be pushed later.
Combining compression and encryption is tricky. If an attacker knows or is able to control (parts of) the plaintext of packets that contain secrets, they might be able to extract the secret if compression is enabled. For example, the CRIME and BREACH attacks on TLS leverage compression to break encryption. If you can't be sure the above problems don't apply to your traffic, you are advised to disable compression.
This specifies how many seconds (n) will pass before OpenVPN renegotiates the data channel key (Default=3600). When using dual-factor authentication, the default value may cause the end user to be asked to reauthorize once per hour.
This option can be used on both client and server. Whichever host uses the lower value will trigger the renegotiation. It's a common mistake to set this parameter to a higher value on either the client or server, while the other end is still using the default value. In this case, renegotiation will still occur once every 3600 seconds. The solution is to increase –reneg-sec on both client and server, or set it to “0” (disabled) on one side of the connection, and to your preferred value on the other side.
This enables individual client options to be applied. If this checkbox is not selected then the option to allow client certificates with the same common name is applied. (Ref.OpenVPN “–duplicate-cn”)
If selected then further options appear which enable configuration via the GUI of client-to-client access.
The client-to-client option enables an OpenVPN client to access the other's, and/or the network behind each OpenVPN client. OpenVPN blocks the network access between the OpenVPN clients unless you enable the client-to-client option.
When you enable Client ↔ Client access on the server you can limit the networks accessible to your clients. Use the table “Allow Only These Clients” in order to specify and limit the access your client will have over your network.
(Ref. OpenVPN “–client-to-client”)
Using the Client-specific options require each client to have a certificate with a unique common name, because it's used to identify which client rule to apply, and duplicate CNs are now rejected by default.
If you still need to use client specific options and don`t want to generate unique client certificates for each client, then you will need to allow the use of the username as common name, or duplicate common names (which may not lead to the desired result however if you expect different client rules). Try either of these as custom configuration:
in your Custom Settings.
The push checkbox on the clients table can be used in order to push the routes to the clients. If you decide to leave it unchecked, the routes should be set separately in each client configuration. This check box is not applicable if the Client ↔ Client feature is not enabled.
Other client-specific options are possible using custom configuration and a Client Configuration Directory. Enabling of client-specific options creates an internal Client Configuration Directory (Ref. OpenVPN “–client-config-dir”) in which to hold client specific options configured in the GUI. If additional or different client-specific options are to be defined, beyond those available via the GUI, then a custom “client-config-dir” option can be given in the custom configuration and the required client-specific options placed there. [To be confirmed whether multiple Client Config Dirs are read or whether the custom Client Config Dir replaces the 'internal' CCD]
Here, you can specify a custom configuration to be used by the OpenVPN server.
For details about custom parameters that can be used, please see:
If you chose TLS authorization mode, you MUST configure the certificates.
Instead of using a static key, you can let the machines use TLS to negotiate an encryption key and an encryption algorithm. During the TLS handshake process, one machine acts as “server” and the other as “client”. Once the handshake is completed, the OpenVPN interaction is on a peer-to-peer basis.
For a TLS handshake to occur, both “server” and “client” must have their respective digital certificates. Also, Diffie-Hellman parameters need to be generated for the “server” which will finally lead to creation of a shared secret number. You will generate your own certificates. Every digital certificate is issued by a Certificate Authority, (“CA”), so you will first create a CA. The tools to create a Certificate Authority, certificates, and Diffie-Hellman parameters are provided by OpenVPN and are all available within FreshTomato.
The first step in building an OpenVPN 2.x configuration is to establish a Public Key Infrastructure (or “PKI”). The PKI consists of:
OpenVPN supports bidirectional authentication based on certificates. Both client and server must authenticate each other's certificate before they establish mutual trust.
Both server and client will authenticate the other, first, by verifying that the certificate presented was signed by the master certificate authority (CA). Then, they will test the information in the authenticated certificate header. That information includes the certificate common name (CN) or certificate type (client or server).
This security model has a number of desirable features for a VPN:
Note that server and client clocks need to be roughly synchronized, or certificates might not function properly.
The user has the option to generate ALL the required keys directly from FreshTomato GUI using the button Generate Keys or simply using the easy-rsa tool provided by OpenVPN software and following these instructions:
Please be aware that using NVRAM space to store certificate values may be expensive, especially for routers with limited RAM. The certificates consume about 14 KB of NVRAM space. Therefore, if your router has limited NVRAM available, it might be a good idea to store the certificates in JFFS or other mounted storage in your router. Please consider the security risks before following this procedure, as certificates may be accessible if you enable Samba or NFS filesharing.
Here's an example of how to include certificates in your Custom Configuration field if you do not want to use NVRAM space:
#Path names and filenames below are used only as example dh /jffs/certs/dh.pem #Contains Diffie-Hellman parameters cert /jffs/certs/srv.crt #Contains Server Certificate Server Key ca /jffs/certs/ca.crt #Contains CA Key
Note that additionally a static pre-shared-key path/file must be defined if you are using tls-crypt or tls-auth.
Please note that since FreshTomato does not use TLS with elliptic curve cryptography, you must configure the Diffie-Hellman parameters
A common mistake when setting up a new CA is to place all the CA files on the OpenVPN server. **DO NOT DO THAT**. A CA requires a private key used to sign the certificates your clients and servers use. If you lose control of your CA private key, you can no longer trust any certificates from that CA. Anyone with access to the CA private key can sign new certificates without your knowledge, and clients using those certificates then can connect to your OpenVPN server without needing to modify anything on the VPN server. Place your CA files on a storage medium that is offline as much as possible, only to be activated when you need to get a new certificate for a client or server.
There are just 3 files you need to copy from a CA to achieve this:
The server also needs a Diffie-Hellman parameters file.
You should avoid generating keys on devices which do not have a good entropy source for random data. This includes most common Wi-Fi routers and similar embedded devices. In many cases, virtual machines also don't have a good entropy source or can be manipulated by the hypervisor. Always try to generate keys and Diffie-Hellman parameters on bare metal equipment.
To better understand how PKI works, see this introduction:
Within the CA, you can also revoke certificates as needed. Using the CA management tool of your choice, you should be able to generate a Certificate Revocation List (CRL file). By adding this to the OpenVPN server, all client certificates will be checked against this revocation list. Clients which have their certificates listed in the CRL will not be able to connect. This is a common way to disable access to a VPN service on a per user level.
Add this line to the OpenVPN server configuration:
If you want to access particular network resources on other IP addresses via the VPN tunnel, you need to add network routes. A network route tells your operating system where it needs to send the network traffic when you want to access certain resources. An operating system can handle multiple routes via multiple gateways at the same time. So if you have a server on 192.168.1.10 behind your VPN server and you want to access this server via the VPN, you need to tell OpenVPN to configure a route for either a specific host or a network range to go via the tunnel.
So to configure this, you need to add one line in the server configuration and restart server and client.
push "route 192.168.1.0 255.255.255.0"
When the client now connects, the server tells the VPN client that it should route all traffic for IP addresses in the 192.168.1.XXX scope via the VPN connection.
This is a very basic setup. And when we now start on the routing part, the VPN setup is mostly done. All you need now is to add the needed routes you need, just like you would do for normal TCP/IP routing.
BEWARE: Remember that you also need to consider what is called “return routes”. If your VPN client can access a host behind your VPN server, it does not mean that the host behind the VPN server will send the response via the same route. So you need to ensure that your hosts behind your VPN server also knows which gateway to use for your VPN. Nowadays this is most commonly fixed by adding a route on your existing default gateway. And if you run OpenVPN on an existing gateway, you have this return route already impllicitly configured.
For a more detailed example using routing, see the Using routing section in the 'Bridiging and routing' wiki page.
It is possible to route absolutely all network traffic over the VPN. The configuration in OpenVPN is fairly simple. But you will need to investigate how to configure NAT on your VPN server for the virtual tun adapter.
You can either push such a “route everything over VPN” via the server, or you can add it explicitly in the client configuration. Do not use both at the same time.
push "redirect-gateway def1"
Client configuration alternative:
OpenVPN v2.3 and later supports IPv6. To set up IPv6 in the tunnel is roughly similar to the IPv4 examples already discussed. You need to use the –server-ipv6 and –route-ipv6 options to configure IPv6.
For example, adding this will configure the IPv6 addresses for server and clients:
You can use the –route-ipv6 option, either by pushing it from the server, or using it directly in the client configuration. The same is true for the –route option. The syntax is similar too:
There are a few more things which may need to be configured, but those are mostly outside of OpenVPN. The most common issues are related to adjusting your operating system to allow forwarding of packets and configuring the firewall properly.
Configuring a Linux-based firewall can be quite different from configuring one based on other Unix based operating systems. In addition, several Linux distributions have their own tools to manage iptables. Therefore, it is better to read the specific manuals for firewall configuration on your operating system.