OpenVpnAdvancedWidget
0
0
626
624
-
QDialogButtonBox::Cancel|QDialogButtonBox::Ok
-
0
General
-
-
TCP/UDP port number for peer. (Default value when there is no port for gateway).
Use custom gateway port:
-
false
TCP/UDP port number for peer. (Default value when there is no port for gateway).
Automatic
1
65535
1194
-
-
Renegotiate data channel key after the specified number of seconds.
Use custom renegotiation interval:
-
false
Renegotiate data channel key after the specified number of seconds.
-
-
Use compression.
Use compression
-
false
Use compression.
-
No
-
LZO
-
LZ4
-
LZ4 v2
-
Adaptive
-
Automatic
-
Use TCP for communicating with remote host.
Use a TCP connection
-
-
Explicitly set virtual device type (TUN/TAP).
Set virtual device type:
-
false
Explicitly set virtual device type (TUN/TAP).
-
TUN
-
TAP
-
-
Use custom name for TUN/TAP virtual device (instead of default "tun" or "tap").
Set virtual device name:
-
false
0
0
Use custom name for TUN/TAP virtual device (instead of default "tun" or "tap").
Automatic
-
-
Take the TUN device MTU to be specified value and derive the link MTU from it.
Use custom tunnel Maximum Transmission Unit (MTU):
-
false
Take the TUN device MTU to be specified value and derive the link MTU from it.
Automatic
1
65535
1500
-
-
Enable internal datagram fragmentation with this maximum size.
Use custom UDP fragment size:
-
false
Enable internal datagram fragmentation with this maximum size.
Automatic
65535
1300
-
Restrict tunnel TCP maximum segment size.
Restrict TCP maximum segment size (MSS)
-
Randomize the order of gateways list (remote) as a kind of basic load-
balancing measure.
Randomize remote hosts
-
Build a tun link capable of forwarding IPv6 traffic.
IPv6 tun link
-
-
Ping remote over the TCP/UDP control channel if no packets have been sent for at least n seconds.
Specify ping interval:
-
false
Ping remote over the TCP/UDP control channel if no packets have been sent for at least n seconds.
1
65535
30
-
-
Exit or restart after n seconds pass without reception of a ping or other packet from remote.
Specify exit or restart ping:
-
false
Exit or restart after n seconds pass without reception of a ping or other packet from remote.
-
ping-exit
-
ping-restart
-
false
Exit or restart after n seconds pass without reception of a ping or other packet from remote.
1
65535
30
-
Allow remote peer to change its IP address and/or port number such as due to
DHCP (this is the default if --remote is not used). --float when specified with --remote
allows an OpenVPN session to initially connect to a peer at a known address,
however if packets arrive from a new address and pass all authentication tests, the
new address will take control of the session. This is useful when you are connecting
to a peer which holds a dynamic address such as a dial-in user or DHCP client.
Essentially, --float tells OpenVPN to accept authenticated packets from any address,
not only the address which was specified in the --remote option.
Accept authenticated packets from any address (Float)
-
-
Specify the maximum number of routes the server is allowed to specify.
Specify max routes:
-
false
Specify the maximum number of routes the server is allowed to specify.
100000000
100
-
Qt::Vertical
303
11
Security
-
-
Encrypt packets with cipher algorithm. The default is BF-CBC (Blowfish in Cipher
Block Chaining mode).
Cipher:
Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter
cboCipher
-
false
0
0
Encrypt packets with cipher algorithm. The default is BF-CBC (Blowfish in Cipher
Block Chaining mode).
-
Obtaining available ciphers…
-
-
Set cipher key size to a custom value. If unspecified, it defaults to cipher-specific size.
Qt::LeftToRight
Use custom size of cipher key:
-
false
Set cipher key size to a custom value. If unspecified, it defaults to cipher-specific size.
1
65535
128
-
-
Authenticate packets with HMAC using message digest algorithm. The default is SHA1.
HMAC Authentication:
Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter
cboHmac
-
0
0
Authenticate packets with HMAC using message digest algorithm. The default is SHA1.
-
Default
-
None
-
MD-4
-
MD-5
-
SHA-1
-
SHA-224
-
SHA-256
-
SHA-384
-
SHA-512
-
RIPEMD-160
-
Qt::Vertical
20
0
TLS Settings
-
-
Verify server certificate identification.
When enabled, connection will only succeed if the server certificate matches
some expected properties.
Matching can either apply to the whole certificate subject (all the fields),
or just the Common Name (CN field).
Server Certificate Check:
-
Verify server certificate identification.
When enabled, connection will only succeed if the server certificate matches
some expected properties.
Matching can either apply to the whole certificate subject (all the fields),
or just the Common Name (CN field).
-
Don't verify certificate identification
-
Verify whole subject exactly
-
Verify name exactly
-
Verify name by prefix
-
Verify subject partially (legacy mode, strongly discouraged)
-
-
false
Subject or Common Name to verify server certificate information against.
Subject Match:
subjectMatch
-
false
Subject or Common Name to verify server certificate information against.
Connect only to servers whose certificate matches the given subject. Example: /CN=myvpn.company.com
true
-
Require that peer certificate was signed with an explicit key usage and extended
key usage based on RFC3280 TLS rules.
Verify peer (server) certificate usage signature
-
-
false
Require that peer certificate was signed with an explicit key usage and extended
key usage based on RFC3280 TLS rules.
Remote peer certificate TLS type:
-
false
Require that peer certificate was signed with an explicit key usage and extended
key usage based on RFC3280 TLS rules.
-
Server
-
Client
-
Require that peer certificate was signed with an explicit nsCertType designation.
Verify peer (server) certificate nsCertType designation
-
-
false
Require that peer certificate was signed with an explicit nsCertType designation.
Remote peer certificate nsCert designation:
-
false
Require that peer certificate was signed with an explicit nsCertType designation.
-
Server
-
Client
-
Add an additional layer of HMAC authentication.
false
false
-
Mode:
-
-
None
-
TLS-Auth
-
TLS-Crypt
-
Add an additional layer of HMAC authentication on top of the TLS control channel
to protect against DoS attacks.
Key File:
false
kurlTlsAuthKey
-
false
Add an additional layer of HMAC authentication on top of the TLS control channel
to protect against DoS attacks.
-
Direction parameter for static key mode.
Key Direction:
false
cboDirection
-
false
Direction parameter for static key mode.
-
None
-
Server (0)
-
Client (1)
-
Qt::Vertical
20
137
Proxies
QFormLayout::ExpandingFieldsGrow
6
-
Proxy type: HTTP or SOCKS
Proxy Type:
cmbProxyType
-
0
0
0
0
Proxy type: HTTP or SOCKS
-
Not Required
-
HTTP
-
SOCKS
-
0
0
true
Select this option if your organization requires the use of a proxy server to access the Internet.
true
-
Connect to remote host through a proxy with this address.
Server Address:
proxyServerAddress
-
Connect to remote host through a proxy with this address.
true
-
Connect to remote host through a proxy with this port.
Port:
sbProxyPort
-
0
0
Connect to remote host through a proxy with this port.
65535
-
HTTP/SOCKS proxy username passed to OpenVPN when prompted for it.
Proxy Username:
proxyUsername
-
HTTP/SOCKS proxy username passed to OpenVPN when prompted for it.
true
-
HTTP/SOCKS proxy password passed to OpenVPN when prompted for it.
Proxy Password:
proxyPassword
-
-
HTTP/SOCKS proxy password passed to OpenVPN when prompted for it.
true
-
Retry indefinitely on proxy errors. It simulates a SIGUSR1 reset.
Retry indefinitely when errors occur
KUrlRequester
QWidget
PasswordField
QLineEdit
sbCustomPort
sbMtu
sbCustomFragmentSize
chkUseCustomReneg
sbCustomReneg
chkUseVirtualDeviceType
cmbDeviceType
chkUseVirtualDeviceName
leVirtualDeviceName
chkUseCompression
chkUseTCP
chkMssRestrict
chkRandRemHosts
cboCipher
chkUseCustomCipherKey
sbCustomCipherKey
cboHmac
subjectMatch
chkRemoteCertTls
cmbRemoteCertTls
useExtraTlsAuth
kurlTlsAuthKey
cboDirection
cmbProxyType
proxyServerAddress
sbProxyPort
chkProxyRetry
proxyUsername
proxyPassword
chkUseCustomReneg
toggled(bool)
sbCustomReneg
setEnabled(bool)
172
131
392
131
chkRemoteCertTls
toggled(bool)
cmbRemoteCertTls
setEnabled(bool)
281
94
414
127
chkRemoteCertTls
toggled(bool)
labelRemoteCertTls
setEnabled(bool)
281
94
148
127
chkUseVirtualDeviceType
toggled(bool)
cmbDeviceType
setEnabled(bool)
146
208
412
208
chkUseVirtualDeviceName
toggled(bool)
leVirtualDeviceName
setEnabled(bool)
146
245
412
245
chkUseCustomCipherKey
toggled(bool)
sbCustomCipherKey
setEnabled(bool)
146
97
412
97
chkMtu
toggled(bool)
sbMtu
setEnabled(bool)
209
268
472
268
chkPingInterval
toggled(bool)
sbPingInterval
setEnabled(bool)
145
419
408
420
chkSpecifyExitRestartPing
toggled(bool)
sbSpecifyExitRestartPing
setEnabled(bool)
119
456
461
457
chkSpecifyExitRestartPing
toggled(bool)
cbSpecifyExitRestartPing
setEnabled(bool)
119
456
304
457
chkMaxRoutes
toggled(bool)
sbMaxRoutes
setEnabled(bool)
145
519
408
520
chkCustomFragmentSize
toggled(bool)
sbCustomFragmentSize
setEnabled(bool)
145
304
408
305
chkUseCompression
toggled(bool)
cmbUseCompression
setEnabled(bool)
145
131
408
132
chkCustomPort
toggled(bool)
sbCustomPort
setEnabled(bool)
145
57
408
58
chkNsCertType
toggled(bool)
cmbNsCertType
setEnabled(bool)
276
189
422
221
chkNsCertType
toggled(bool)
lblNsCertType
setEnabled(bool)
276
189
159
221