userdoc:tt_openvpn_server

Differences

This shows you the differences between two versions of the page.

userdoc:tt_openvpn_server [2018/10/14 05:05]
mkeuter [Windows Client Configuration]
userdoc:tt_openvpn_server [2018/12/01 12:26] (current)
mkeuter
Line 55: Line 55:
   * Extra TLS-Auth:  Enable a kind of "HMAC  firewall" on OpenVPN's TCP/UDP port, where TLS control channel packets bearing an incorrect HMAC signature can be dropped immediately without response.  "Yes" is a good choice if **all** clients support it. //[client.ovpn]//   * Extra TLS-Auth:  Enable a kind of "HMAC  firewall" on OpenVPN's TCP/UDP port, where TLS control channel packets bearing an incorrect HMAC signature can be dropped immediately without response.  "Yes" is a good choice if **all** clients support it. //[client.ovpn]//
  
-{{:userdoc:ovpn-server-firewall.jpg?nolink|}}+{{:userdoc:ovpn-server-firewall.png?nolink|}}
  
   * External Hosts:  Define a space separated list of allowed IPv4/IPv6 addresses via the external interface. The external firewall rules are automatically created by the [[userdoc:tt_firewall_plugins#openvpn-server|openvpn-server plugin]] .  The firewall must be enabled, see the "Enable Firewall" section below for more info.   * External Hosts:  Define a space separated list of allowed IPv4/IPv6 addresses via the external interface. The external firewall rules are automatically created by the [[userdoc:tt_firewall_plugins#openvpn-server|openvpn-server plugin]] .  The firewall must be enabled, see the "Enable Firewall" section below for more info.
 +  * Client Isolation:  Choose to "Pass" or "Deny" Client->Client traffic. "Deny" isolates connected clients, blocking access with each other. //(AstLinux 1.3.5 and later)//
  
 !!Tip ->!! Allow any external IPv4/IPv6 address by defining "External Hosts:" to "0/0". !!Tip ->!! Allow any external IPv4/IPv6 address by defining "External Hosts:" to "0/0".
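Review bot: The added "Client Isolation" bullet does not say which of "Pass" or "Deny" is the default, and unlike the "External Hosts" bullet above it, it does not say whether the setting depends on the firewall being enabled. Please state both, since a reader upgrading to AstLinux 1.3.5 cannot tell from this text whether connected clients can reach each other out of the box. Wording nit in the same bullet: "blocking access with each other" reads better as "blocking access to each other".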
Line 188: Line 189:
 \\ \\
 \\ \\
-**OpenVPN Client for Mac OS X:**  [[http://code.google.com/p/tunnelblick/wiki/DownloadsEntry|Tunnelblick]]  //(Free)//\\+**OpenVPN Client for Mac OS X:**  [[https://tunnelblick.net|Tunnelblick]]  //(Free)//\\
 {{:userdoc:ovpn-tunnelblick-icon.png?nolink|}} {{:userdoc:ovpn-tunnelblick-icon.png?nolink|}}
 \\ \\
Line 195: Line 196:
  
 \\ \\
- 
 ===== Windows Client Configuration ===== ===== Windows Client Configuration =====
  
Line 212: Line 212:
 The OpenVPN folks offer a free Windows Installer and GUI for the OpenVPN package. The OpenVPN folks offer a free Windows Installer and GUI for the OpenVPN package.
  
-Using the above link download the "Windows Installer" (32-bit) or (64-bit) for your Windows system This example uses Windows7. Download the latest version, and install using the default selections.+Using the above link download the "Windows Installer". This example uses Windows7. Download the latest version, and install using the default selections.
  
 Next, download your credentials from the AstLinux OpenVPN server page, unzip the package, and using the **openvpn-cert-key** format ''client.ovpn'' file, place the (''win7.ovpn'' in this example) file into the following folder: Next, download your credentials from the AstLinux OpenVPN server page, unzip the package, and using the **openvpn-cert-key** format ''client.ovpn'' file, place the (''win7.ovpn'' in this example) file into the following folder:
  
-  C:\Program Files\OpenVPN\config +  C:\Users\<USER>\OpenVPN\config\
-   +
-On newer OpenVPN versions the "config" folder must be created manually.+
  
-{{:userdoc:ovpn-win-gui-config.jpg?nolink|}}+Or more simply, find the OpenVPN task in the system tray, right-click on it, select "Import file..." and select your named **openvpn-cert-key** format ''client.ovpn'' file.
  
-Alternatively, you could use the **openvpn-pkcs12** format ''client.ovpn'' and ''client.p12'' files, place both the (''win7.ovpn'' and ''win7.p12'' in this example) files into the folder.+{{:userdoc:ovpn-win-gui-import.png?nolink|}}
  
-That's itnext start the OpenVPN-GUI service.  This procedure can vary depending on your version of Windows.  The OpenVPN-GUI service __needs to have administrator permissions__ to add and delete routes and such. For the Windows7 case, right-click the OpenVPN-GUI icon and "Run as administrator".+Nextyou are ready to connect to your OpenVPN server, right-click on the OpenVPN task in the system tray:
  
-!!Note ->!! Make sure you understand the security implications of running any application with administrator privileges.+{{:userdoc:ovpn-win-gui-task.png?nolink|}}
  
-{{:userdoc:ovpn-win-gui-permissions.jpg?nolink|}}+Finally, select "Connect" and a connection window will appear, then disappear when the connection is established.
  
-Provided that all goes well, you are ready to connect to your OpenVPN server, find the OpenVPN task in the system tray, right-click on it: +{{:userdoc:ovpn-win-gui-connect.png?nolink|}}
- +
-{{:userdoc:ovpn-win-gui-task.jpg?nolink|}} +
- +
-Finally, select "Connect" and a connection window will appear, then disappear when the connection is established.+
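Review bot: The rewritten Windows steps drop the "Run as administrator" requirement and the accompanying security note without saying from which OpenVPN GUI version elevation is no longer needed, while the example is still described as Windows7. A reader with an older installer will follow the new steps and have no hint why routes are not added, so please name the minimum installer version these steps apply to, or keep a one-line fallback for older versions. The removed **openvpn-pkcs12** alternative (''win7.ovpn'' plus ''win7.p12'') also has no replacement, so say whether "Import file..." handles that format or whether both files still have to be copied by hand into C:\Users\<USER>\OpenVPN\config\. Since the imported file is taken from the downloaded credentials package, a short reminder to delete the unzipped copy after import would fit here.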
  • Last modified: 2018/10/14 05:05
  • by mkeuter