Differences between revisions 17 and 18
Revision 17 as of 2006-05-23 03:18:50
Size: 2484
Editor: rowlf
Comment:
Revision 18 as of 2006-12-07 22:54:09
Size: 2748
Editor: DannyCheung
Comment:
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
This may be '''skipped''' if you already have a built RPM of OpenVPN or sourced it from {{{yum}}}. From FC3 {{{openvpn}}} is available in the extras repositories.  This may be '''skipped''' if you already have a built RPM of OpenVPN or sourced it from {{{yum}}}. From FC3 {{{openvpn}}} is available in the extras repositories.
Line 12: Line 12:
Line 49: Line 48:
To have OpenVPN automatically connect at startup, edit the reigstry {{{ KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\openvpn_gui }}} to the following value:
{{{
C:\Program Files\OpenVPN\bin\openvpn-gui.exe --connect <OVPN file>
}}}

{{{
}}}

Windows to Linux VPN

Related documents: Roll out custom [:OpenVPNRollOut:Windows OpenVPN clients]

On build machine

This may be skipped if you already have a built RPM of OpenVPN or sourced it from yum. From FC3 openvpn is available in the extras repositories. 

# yum install lzo lzo-devel openssl-devel pam-devel
# rpmbuild -tb openvpn-2.0.5.tar.gz
# scp /usr/src/redhat/RPMS/i386/openvpn-2.0.5-1.i386.rpm ccc@192.168.1.85:

On the server

# yum install lzo
# rpm -Uvh openvpn-2.0.5-1.i386.rpm
# cd /etc/openvpn
# /usr/sbin/openvpn --genkey --secret key
# vi openvpn.conf

The config of openvpn.conf will included something similar to the following options: 

dev tap
ifconfig 10.3.0.1 255.255.255.0
secret key
ping 10
verb 3
mute 10

If multiple customers are going to be connecting to a single server, like in the situation of an ASP. Multiple keys can be setup, along with multiple configuration files, but a different port must be setup for each customer/configuration.

Windows Clients

Install the latest version of[http://openvpn.se/ OpenVPN GUI for Windows], applying all the default options. The filekeygenerated on the server must be copied into the configuration directory of OpenVPN. In that same directory a configuration file config.ovpn similar to openvpn.conf must be created. 

remote 666.666.666.666        # Servers external static IP
dev tap
ifconfig 10.3.0.2 255.255.255.0
secret key
ping 10
verb 3
mute 10

On a network with NAT, port 1194 with protocol UDP must be forwarded to 192.168.1.85. [http://openvpn.se/files/howto/openvpn-howto_roll_your_own_installation_package-Rev1.1.html Roll Your Own OpenVPN Windows Installation Package]. Windows clients are known to time out, if OpenVPN is run as a service (non GUI) the following commands from attachment:RestartVPN.bat can quickly restart the service. 

net stop "openvpn service"
net start "openvpn service"

To have OpenVPN automatically connect at startup, edit the reigstry  KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\openvpn_gui  to the following value: 

C:\Program Files\OpenVPN\bin\openvpn-gui.exe --connect <OVPN file>



Creative Staff Client Configuration


# Configuration for connecting into Creative computing internal network
dev tap
proto udp
remote muppets.crecom.com.au 1194
resolv-retry infinite
nobind
secret cc.key
ifconfig 192.168.128.x 255.255.255.0                    # This line is client dependent.
route 192.168.127.0 255.255.255.0 192.168.128.1
dhcp-option DOMAIN crecom.com.au
dhcp-option DNS 192.168.128.1
ping 10
OpenVPN  (last edited 2023-12-28 04:41:58 by KafuWong)