Changes between Version 23 and Version 24 of HOWTO
- Timestamp:
- 11/25/15 20:13:21 (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
HOWTO
v23 v24 24 24 The original [wiki:Openvpn1xHOWTO OpenVPN 1.x HOWTO] is still available, and remains relevant for point-to-point or static-key configurations. Complete list of documentation is available on the [wiki:WikiStart documentation front page]. 25 25 26 While this HOWTO will guide you in setting up a scalable client/server VPN using an X509 PKI (public key infrastruct ionusing certificates and private keys), this might be overkill if you are only looking for a simple VPN setup with a server that can handle a single client.26 While this HOWTO will guide you in setting up a scalable client/server VPN using an X509 PKI (public key infrastructure using certificates and private keys), this might be overkill if you are only looking for a simple VPN setup with a server that can handle a single client. 27 27 28 28 If you would like to get a VPN running quickly with minimal configuration, you might check out the [wiki:StaticKeyMiniHowto Static Key Mini-HOWTO]. The advantages of a static key setup: … … 70 70 71 71 * Right click on an OpenVPN configuration file (.ovpn) and select '''Start OpenVPN on this configuration file'''. Once running, you can use the '''F4''' key to exit. 72 * Run OpenVPN from a command prompt Window with a command such as "'''openvpn myconfig.ovpn'''". Once running in a command prompt window, OpenVPN can be stopped by the F4 key.72 * Run OpenVPN from a command prompt Window with a command such as "'''openvpn myconfig.ovpn'''". Once running in a command prompt window, the F4 key can stop OpenVPN. 73 73 * Run OpenVPN as a service by putting one or more .ovpn configuration files in '''\Program Files\OpenVPN\config''' and starting the OpenVPN Service, which can be controlled from Start Menu -> Control Panel -> Administrative Tools -> Services. 74 74 … … 87 87 make install 88 88 }}} 89 method can be used, or you can search for an OpenVPN port or package whichis specific to your OS/distribution.89 method can be used, or you can search for an OpenVPN port or package that is specific to your OS/distribution. 90 90 91 91 = Determining whether to use a routed or bridged VPN = … … 114 114 115 115 * conflicts from different sites on the VPN using the same LAN subnet numbering, or 116 * remote access connections from sites whichare using private subnets which conflict with your VPN subnets.116 * remote access connections from sites that are using private subnets which conflict with your VPN subnets. 117 117 118 118 For example, suppose you use the popular 192.168.0.0/24 subnet as your private LAN subnet. Now you are trying to connect to the VPN from an internet cafe which is using the same subnet for its !WiFi LAN. You will have a routing conflict because your machine won't know if 192.168.0.1 refers to the local !WiFi gateway or to the same address on the VPN. … … 521 521 For this example, we will assume that the client LAN is using the '''192.168.4.0/24''' subnet, and that the VPN client is using a certificate with a common name of '''client2'''. Our goal is to set up the VPN so that any machine on the client LAN can communicate with any machine on the server LAN through the VPN. 522 522 523 Before setup, there are some basic prerequisites which must be followed:524 525 * The client LAN subnet ('''192.168.4.0/24''' in our example) must not be exported to the VPN by the server or any other client sites whichare using the same subnet. Every subnet which is joined to the VPN via routing must be unique.523 Before setup, there are some basic prerequisites, which must be followed: 524 525 * The client LAN subnet ('''192.168.4.0/24''' in our example) must not be exported to the VPN by the server or any other client sites that are using the same subnet. Every subnet which is joined to the VPN via routing must be unique. 526 526 * The client must have a unique Common Name in its certificate ("client2" in our example), and the '''duplicate-cn''' flag must not be used in the OpenVPN server configuration file. 527 527