Dynamic VPN
The following document provides information on how to activate and configure the Dynamic VPN service for your ClearOS system. For an overview of the features and benefits of the service, please review the service information here.
Installation
If you did not select this module to be included during the installation process, you must first install the module.
Menu
You can find this feature in the menu system at the following location:
Activation
- Login to your ClearCenter account.
- Click on
Systems|Dynamic VPN in the top navigation bar. - Select the target system from the list of active systems in your account.
Dynamic VPN is included in the ClearOS Business Gold & Platinum subscriptions. You will see information on your VPN settings if the software has been enabled on your ClearOS gateway.
Configuring Connections with Dynamic VPN
Dynamic VPN support not only simplifies configuration, but also improves the up-time of the connections. In order to create a connection between to systems, you need to configure both ClearOS systems.
From the webconfig tool, click on in the Dynamic VPN Connections box. You need to:
- Select the target system name from the list
- Type in a pre-shared secret (password)
On the first connection or when an IP address changes, it may take a minute for the connection to synchronize.
MultiWAN
If you have MultiWAN and have a preference of which interface the Dynamic VPN uses, in /etc/clearos/dynamic_vpn.conf set the VPNIF parameter e.g:
VPNIF="eth0"
Then stop IPsec with a:
service ipsec stop
The Dynamic VPN will then restart itself with the new parameter.
Multiple LAN's
By default the Dynamic VPN will only route one LAN over the VPN. If you have a preference of which LAN to route, in /etc/clearos/dynamic_vpn.conf set the LANNET parameter e.g:
LANNET="192.168.0.0/24"
Then stop IPsec with a:
service ipsec stop
The Dynamic VPN will then restart itself with the new parameter.
If you want to route multiple subnets for different LAN's or VLAN's, then please raise a ticket as it has to be manually configured in the Clearcenter server.
The Supernet Calculator is a useful tool for checking subnets.