VPNsetup » History » Version 2
Herve Caumont, 2013-05-16 10:32
1 | 1 | Herve Caumont | h1. VPN Setup |
---|---|---|---|
2 | |||
3 | {{>toc}} |
||
4 | |||
5 | The purpose of this section is to lead the users to configure their OpenVPN connexion to access Terradue's VPN server. |
||
6 | The user authentication will be checked against the X.509 user certificate. |
||
7 | |||
8 | Note that you will always have to manually setup a configuration file. |
||
9 | This file is applicable for OpenVPN on Microsoft Windows, Mac OS X or Linux environments. |
||
10 | This is because the Graphical User Interfaces that we are going to present do not assist you in the creation and maintenance of the OpenVPN's configuration. They only help you to connect and disconnect the VPN, and ask for the username and password if they are required. |
||
11 | |||
12 | To manage the access to the Developer Cloud Sandboxes, you can install a VPN Client on your workstation. |
||
13 | Several OpenVPN-related software packages are described in the sections below, with their step-by-step installation operations. |
||
14 | You will see how to install and configure the most used OpenVPN's GUI for Microsoft Windows, Mac OS X and Linux. |
||
15 | |||
16 | You will also learn to use the OpenVPN's command line interface. |
||
17 | This last possibility is useful, because the "openvpn" command, which you can execute by using the prompt (Unix Shell or Windows Prompt) accepts the same parameters and has the same behavior regardless of which Operating System you use. |
||
18 | In addition, you can use the "openvpn" command in a script to automatically start the VPN connection. |
||
19 | |||
20 | h2. OpenVPN client configuration for Windows, Mac OS X and Linux |
||
21 | |||
22 | h3. The configuration file of OpenVPN |
||
23 | |||
24 | In order to further simplify the configuration of the OpenVPN client, use the file "t2.ovpn" provided in page attachment: |
||
25 | 2 | Herve Caumont | * Download the generic configuration file by clicking "t2.ovpn":https://support.terradue.com/attachments/download/22/t2.ovpn |
26 | 1 | Herve Caumont | Before using it, you must edit this file, and modify it accordingly to the comments inside. |
27 | |||
28 | The file has comments that explain the meaning of the parameters, but only 3 of them you surely need to change to obtain a VPN connection: |
||
29 | |||
30 | * ca /path/to/cacert.pem |
||
31 | |||
32 | The ca parameter specifies a file (in PEM format), that contains the X.509 Certification Authority with which the server certificate has been signed. |
||
33 | You should have downloaded this file with the certificate request confirmation email. |
||
34 | To get the CA's X.509 certificate, you only need to click here: |
||
35 | https://ca.terradue.com/gpodcs/certs/cacert.pem. |
||
36 | Then you must specify the absolute path of the file on your disk. |
||
37 | |||
38 | * cert /path/to/user.pem |
||
39 | |||
40 | * key /path/to/user.pem |
||
41 | |||
42 | The cert parameter specifies a file (in PEM format), that contains your X.509 certificate and key. |
||
43 | To get your X.509 certificate, you must go here: |
||
44 | https://ca.terradue.com/gpodcs/cgi/certdown.cgi |
||
45 | the enter your username, select the PEM format and finally enter your password. |
||
46 | |||
47 | h2. [[OpenVPN| OpenVPN GUI for Windows]] |
||
48 | |||
49 | This section describes the installation steps of the OpenVPN GUI for Windows on a Microsoft Windows XP 32/64 bits. |
||
50 | |||
51 | h2. [[Tunnelblick for MacOSX| OpenVPN GUI for MacOSX - Tunnelblick]] |
||
52 | |||
53 | This section describes the installation steps for the Tunnelblick package, a Graphical User Interface for OpenVPN on Mac OS X. |
||
54 | |||
55 | h2. [[KVpnc for Linux|OpenVPN GUI for Linux - KVpnc]] |
||
56 | |||
57 | This section describes the installation steps for the KVpnc frontend for OpenVPN on Linux. |
||
58 | |||
59 | h2. [[OpenVPN Command line]] |
||
60 | |||
61 | This section describes how to build and install OpenVPN for most of the operating systems, and use it via command lines. |