Changes between Initial Version and Version 1 of IOSinline


Ignore:
Timestamp:
02/06/13 22:02:06 (6 years ago)
Author:
krzee king
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • IOSinline

    v1 v1  
     1I had to setup openvpn on 4 non-jailbroken IOS devices yesterday. These devices were not setup to sync to computers, so I had to add the openvpn files via email.
     2This is a bad (insecure) way to add openvpn to the devices, but in this case it was the only way, and security was not very important on this setup.
     3If I was able to sync these devices with a computer, I could have used my original config file and cert files by adding the files from within iTunes.
     4In order to make this work, You need to use in-line certificate files.
     5My original config file looked like this:
     6Before:
     7
     8
     9{{{
     10client
     11dev tun
     12proto udp
     13remote vpn.server.hostname 1194
     14resolv-retry infinite
     15nobind
     16persist-key
     17persist-tun
     18ns-cert-type server
     19verb 3
     20ca ca.crt
     21cert jeff.crt
     22key jeff.key
     23tls-auth ta.key 1
     24
     25}}}
     26
     27
     28After changing my config files to work with in-line certificates, they looked like this:
     29After
     30
     31
     32{{{
     33client
     34dev tun
     35proto udp
     36remote vpn.server.hostname 1194
     37resolv-retry infinite
     38nobind
     39persist-key
     40persist-tun
     41ns-cert-type server
     42verb 3
     43key-direction 1
     44<ca>
     45-----BEGIN CERTIFICATE-----
     46...
     47-----END CERTIFICATE-----
     48</ca>
     49<cert>
     50-----BEGIN CERTIFICATE-----
     51...
     52-----END CERTIFICATE-----
     53</cert>
     54<key>
     55-----BEGIN RSA PRIVATE KEY-----
     56...
     57-----END RSA PRIVATE KEY-----
     58</key>
     59<tls-auth>
     60-----BEGIN OpenVPN Static key V1-----
     61...
     62-----END OpenVPN Static key V1-----
     63</tls-auth>
     64
     65}}}
     66
     67
     68Notice that --tls-auth takes a direction (1/0) when using it from a file, but when using tls-auth inline you must also use --key-direction (1/0).
     69Then on the !Iphone/Ipad/Ipod touch go to the app store, search for openvpn connect, and install it.
     70Then email the final config (with file extension .ovpn) as an attachment from an email account on your computer (or a webmail) to the email address setup on IOS in the Mail app.
     71In the mail app open the email and open the .ovpn file, then choose to open it with OpenVPN. If you did it right, OpenVPN opens and you can click a + icon next to your config to import it.
     72Now you can simply slide Off to On and your VPN connects.
     73If your VPN server is at your house, and you are connecting to the Internet IP (as opposed to using the LAN IP in --remote) you can not connect to it from your house.