Project

General

Profile

VPNsetup » History » Version 2

Herve Caumont, 2013-05-16 10:32

1 1 Herve Caumont
h1. VPN Setup
2
3
{{>toc}}
4
5
The purpose of this section is to lead the users to configure their OpenVPN connexion to access Terradue's VPN server.
6
The user authentication will be checked against the X.509 user certificate. 
7
8
Note that you will always have to manually setup a configuration file.
9
This file is applicable for OpenVPN on Microsoft Windows, Mac OS X or Linux environments.
10
This is because the Graphical User Interfaces that we are going to present do not assist you in the creation and maintenance of the OpenVPN's configuration. They only help you to connect and disconnect the VPN, and ask for the username and password if they are required.
11
12
To manage the access to the Developer Cloud Sandboxes, you can install a VPN Client on your workstation.
13
Several OpenVPN-related software packages are described in the sections below, with their step-by-step installation operations.
14
You will see how to install and configure the most used OpenVPN's GUI for Microsoft Windows,  Mac OS X and Linux. 
15
16
You will also learn to use the OpenVPN's command line interface. 
17
This last possibility is useful, because the "openvpn" command, which you can execute by using the prompt (Unix Shell or Windows Prompt) accepts the same parameters and has the same behavior regardless of which Operating System you use. 
18
In addition, you can use the "openvpn" command in a script to automatically start the VPN connection.
19
20
h2. OpenVPN client configuration for Windows, Mac OS X and Linux
21
22
h3. The configuration file of OpenVPN
23
24
In order to further simplify the configuration of the OpenVPN client, use the file "t2.ovpn" provided in page attachment:
25 2 Herve Caumont
* Download the generic configuration file by clicking "t2.ovpn":https://support.terradue.com/attachments/download/22/t2.ovpn
26 1 Herve Caumont
Before using it, you must edit this file, and modify it accordingly to the comments inside.
27
28
The file has comments that explain the meaning of the parameters, but only 3 of them you surely need to change to obtain a VPN connection:
29
30
* ca /path/to/cacert.pem
31
32
The ca parameter specifies a file (in PEM format), that contains the X.509 Certification Authority with which the server certificate has been signed. 
33
You should have downloaded this file with the certificate request confirmation email.
34
To get the CA's X.509 certificate, you only need to click here: 
35
https://ca.terradue.com/gpodcs/certs/cacert.pem. 
36
Then you must specify the absolute path of the file on your disk.
37
38
* cert /path/to/user.pem
39
40
* key /path/to/user.pem
41
42
The cert parameter specifies a file (in PEM format), that contains your X.509 certificate and key. 
43
To get your X.509 certificate, you must go here: 
44
https://ca.terradue.com/gpodcs/cgi/certdown.cgi
45
the enter your username, select the PEM format and finally enter your password.
46
47
h2. [[OpenVPN| OpenVPN GUI for Windows]]
48
49
This section describes the installation steps of the OpenVPN GUI for Windows on a Microsoft Windows XP 32/64 bits.
50
51
h2. [[Tunnelblick for MacOSX| OpenVPN GUI for MacOSX - Tunnelblick]]
52
53
This section describes the installation steps for the Tunnelblick package, a Graphical User Interface for OpenVPN on Mac OS X.
54
55
h2. [[KVpnc for Linux|OpenVPN GUI for Linux - KVpnc]]
56
57
This section describes the installation steps for the KVpnc frontend for OpenVPN on Linux.
58
59
h2. [[OpenVPN Command line]]
60
61
This section describes how to build and install OpenVPN for most of the operating systems, and use it via command lines.