Basic server settings

Restrict web administration to local LAN

Using this option, access to web administration can be restricted to local LAN. Upon activation, an interface has to be selected which will define the range of IP that will be accepted by the server for web administration.

Enable package forwarding

JazzVPN acts as an intermediate server for packages going between peers. All data received by the server has to be decrypted and re-encrypted for every package going through the server, which is slow and inefficient. JazzVPN implements a logic for package forwarding which makes use of a shared private key between the server and the pair of interconnecting peers, with all traffic encrypted using AES_GCM_256. this is a lot faster, demands less server processing because only redirection info is decrypted. All these packages are injected between regular TLS traffic.

Allow IPv4 multicast addresses or Allow IPv4 broadcast addresses

The usual case for VPN server is to filter out all packages to multicast or broadcast addresses. This is sometimes useful to discover other computers in range or play games.

Auto import Active Directory users

Realms using Active Directory authentication can use this option to import users from the Active Directory server once the user login succeeds.

Auto-renew Let's Encrypt Certificate

From time to time, JazzVPN checks for the certificate expiration time. If the currently active certificate is a Let's Encrypt certificate and expiration is within 15 days, JazzVPN will try to automatically renew it.