GajShield Knowledge Base

All the documents you require to help you configure and manage GajShield firewalls.

SSL VPN Configuration (GajShield SSL VPN - OpenVPN)

Subscribe to GajShield Firewall YouTube channel

GajShield SSL VPN configuration on Firewall (OpenVPN)

Firmware version support - 4.28+

This guide will walk you through the steps to configure SSL VPN on your GajShield Firewall. 

Login to the GajShield firewall management console using your admin credentials.

Once you have logged into the firewall, click on the below menu to configure and add SSL certificate required for SSL VPN

Proceed to Browsing -> Setup -> SSL Certificate

Provide the relevant parameters to create a SSL Certificate and save it.

You should see the created certificate under SSL Certificate

You will need to add a network pool which will be dedicatedly used only for SSL VPN users. Each user will get a unique IP address from this pool. Ensure that this network is not used anywhere else.

To configure SSL VPN on GajShield firewall, go to VPN -> SSL VPN -> SSL VPN Information

This tab will provide you the information of the configured CA certificate and options to configure SSL VPN.

  • Here you will need to configure the public ip address on which you would wish your SSL VPN users to connect
  • The port on which SSL VPN server needs to run
  • The allocated SSL VPN network pool
  • SSL VPN interface name
  • The network you wish to allow he remote users to connect to
  • The local Lan IP address of the firewall
  • The DNS address that would be used by remote users
  • What encrypted to use
  • And whether you would like to compression to be enabled or not

After configuring the above options, save it.

Once you have configured SSL VPN, you can add users at VPN -> SSL VPN -> SSL VPN Users

You need to provide a connection name to every user, for reference and also till when is the connection valid upto.

Save the details for a user. You can now download the certificates for this user, which will be used with the remote OpenVPN client.

Restart the SSL VPN services as shown below

Download the certificate for a user as shown below

You need to add a network rule to allow users from internet to connect to the configured SSL VPN port from the internet

Install policies once you have created the required rule.

Windows System OpenVPN download and configuration

Open website: www.openvpn.net

  • Download OPENVPN and install it on your device.

  • Extract Configuration Zip file downloaded from firewall.

  • Place these files inside default OPENVPN config folder path i.e:--  "C:\Program Files\OpenVPN\config\"

  • After completing the above steps click connect to establish connection.

  

MAC iOS System OpenVPN download and configuration

Linux System OpenVPN Commands and configuration

  • Install openvpn client

  • sudo apt update

  • sudo apt install openvpn -y

  • copy all configuration files downloaded from firewall   to /etc/openvpn/client/

  • run below command to establish connection:-

  • sudo openvpn - -config  gajsecureweb.ovpn

sudo openvpn - -config  gajsecureweb.ovpn - Every time we have to run this command to connect and if the terminal is closed then SSL VPN will get disconnected.

iOS iPhone/iPad System OpenVPN download and configuration.

Android System OpenVPN download and configuration.