TP-Link Omada ER8411 VPN Router User Manual

Configuring SSL VPN

SSL VPN Server Configuration

User Guide 175

Secondary

DNS

Specify the IP address of the DNS server.

Please assign the LAN IP to the SSLVPN DNS server.

Listen on Port

Specify the port for the SSL VPN server to listen on. By default, it is 1194.

Authentication

Type

Select the authentication for the clients. For RADIUS Authentication, go to

SSL VPN >

Authentication

to configure.

Username

Lockout

Block a client with the specific login username.

Max. Login Attempts:

Specify the maximum failed login attempts for a username. After

the maximum attempt is reached, the username will be locked out.

Lock Duration:

Specify how long the username will be locked out.

IP Lockout

Block a client of the specific login IP.

Max. Login Attempts:

Specify the maximum failed login attempts for a username. After

the maximum attempt is reached, the username will be locked out.

Lock Duration:

Specify how long the username will be locked out.

Idle Timeout

Enable the feature and the VPN tunnel will close automatically if there is no traffic for

the specified amount of time.

Full Mode

Enable the feature and all traffic will go through the SSL VPN tunnel. When the feature

is disabled, only the resource-related traffic will go through the tunnel.

Note:

•

Please first go to

Preferences > VPN IP Pool > VPN IP Pool

to configure an IP pool for the

virtual IP pool of the SSL VPN server.

•

The virtual IP pool should not overlap with the existing ones.

•

Please configure a large IP Pool for SSL VPN server.

•

The end-device cannot access the internet when SSL VPN is configured. If you want to access

the internet, please select Local Authentication as Authentication Mode.