AS201281 Wiki

Your check engine light is on!

User Tools

Site Tools


Sidebar

Infrastructure & System administration

Operations

Services and infrastructure

sysadmin:vpn

VPN

Out dated. Use WireGuard now.

Connection to nomad clients VPN

Asking for a certificate

To be able to connect to the VPN, it is necessary to have a client certificate and the certification authority chain which has created the certificate. To have this the VPN administrator should be contacted. He is the person who manages the certification authority.

Once the certificate created, the following files should be used to modify the VPN client configuration:

  • ca-chain-users.pem which is the certification authority chain ;
  • hostname.crt which is the public key of the certificate and ;
  • hostname.key which is the private key of the certificate (it must be absolutely stay secret).

GNU/Linux client with Network Manager

FIXME

Windows with OpenVPN GUI

Download

One of the following clients must be downloaded depending on the used Windows' version.

Installation

Like lots of softwares, the installer of the OpenVPN client requires to complete several steps. Once the installer donwloaded, it can be started by double-clicking on it. After clicking on Next and accepting the terms of use, you need to ensure that the installater's options are the following. The default selection should be enough (in theory).

During the installation process, the driver for the virtual interface that will be used by the VPN must be installed. So you need to accept its installation when it will be asked.

Once the installation done, it might be useful to rename the virtual interface with a better name so you can remember it and use it in the VPN configuration. In the network interfaces list, you need to look for the TAP interface and then rename it by doing a right click and selecting Rename.

Configuration

You need to download the file gravitons.ovpn and put it in the configuration directory of OpenVPN which is C:\Program Files\OpenVPN\config by default. After opening the file, you need to change the values of the dev-node, ca, cert and key options to use the proper interface and certificate. It is recommended to put the certificate files in the directory where the configuration file is.

Utilisation

To use the VPN you need to start the OpenVPN GUI client with the administrator rights. Then you can right click the icon in the taskbar and click on the Connect entry of the menu. A window should pop up and show logs, few seconds later the connection should be established. OpenVPN will, with a notification, display the allocated IP address.

sysadmin/vpn.txt · Last modified: 2021/01/04 21:41 (external edit)