Difference between revisions of "VPN client"
(Created page with "Category:Linux =Introduction= See VPN#Introduction =Client= ==Client files== The client requires: * Authority of certification ca.cert * Client private key...") |
|||
Line 5: | Line 5: | ||
=Introduction= | =Introduction= | ||
− | See [[VPN | + | See [[VPN|VPN introduction]] |
− | |||
Revision as of 17:19, 8 August 2014
Contents
Introduction
See VPN introduction
Client
Client files
The client requires:
- Authority of certification ca.cert
- Client private key client.key
- Client certificate client.crt
Then, you can setup client configuration.
Client configuration
Copy / paste the following configuration - just adjust your path according to your OS and file system:
#################################################
# OpenVPN 2.0 client config #
# --------------------------------------------- #
# version 1.0 - April 2011 - Guillaume Diaz
# version 1.2 - June 2013 - Guillaume Diaz
# conf update + chroot
#################################################
# OpenVPN configuration
##########################
# Client mode
client
# VPN mode
dev tun
# Protocol
proto udp
# Remote server
remote dev.daxiongmao.eu 8080
# Do not bind to a specific local port number
nobind
# Keep trying indefinitely to resolve the hostname of the OpenVPN server.
resolv-retry infinite
# Compression of data exchange
comp-lzo
# SECURITY
########################
# SSL/TLS root certificate (ca)
# The server and all clients will use the same ca file.
ca "C:\\Apps\\OpenVPN\\config\\ca.crt"
# Client certificate and private key
cert "C:\\Apps\\OpenVPN\\config\\xinxiongmao.crt"
key "C:\\Apps\\OpenVPN\\config\\xinxiongmao.key"
# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody
# Try to preserve some state across restarts.
persist-key
persist-tun
# Encryption of data exchange
cipher AES-128-CBC
# Integrity check
auth MD5
# Control server certificate
ns-cert-type server
##-- Logs --##
# Set log file verbosity.
verb 4
# Wireless networks often produce a lot of duplicate packets.
# Set this flag to silence duplicate packet warnings.
mute-replay-warnings
# Silence repeating messages
mute 10
Notes:
You have to edit the configuration file.
- Adjust paths on lines 30-38
- On Windows you must you the double slash \\
- On Linux don’t forget to uncomment the following lines for better security:
# Downgrade privileges after initialization (non-Windows only)
user nobody
group nobody
- Linux: depending on your distribution you might need to adjust user / group default name.
Software
Linux
Installation
apt-get install openssl openssh-server openvpn
Security
See Firewall VPN
Windows
On windows, many clients are available. The best one for Windows 7 and 8 is: « OpenVPN Connect Client Download for Windows » https://openvpn.net/index.php?option=com_content&id=357
Note: The file must be around 15 Mb.
MacOSX
The best VPN client is “tunnelblick” http://code.google.com/p/tunnelblick
- Configuration files are in ~/librairies/openvpn
- That’s the libraries [“bibliothèque”] folder of the current user