OpenVPN

From FGWiki
Jump to: navigation, search

Overview

OpenVPN is an SSL based VPN solution made by the good people at http://www.openvpn.net. Currently hosted on Hosts/nut and assigns clients an IP in the 10.0.20.0/24 subnet.

Remote Access

You will need a set of certificates in order to access Free Geek, contact a Workgroups/Sysadmin member to get access.

Ubuntu 12.04+ access instructions

  • Install network-manager-openvpn
  • Go to dash, open "Network Connections"
  • Select the VPN tab
  • click 'Add'
    • select OpenVPN and press create
    • Enter a name ( "Free Geek Vancouver" )
    • Ensure "connect automatically" is not checked
    • Enter "vpn.freegeekvancouver.org" as the gateway
    • Set type to Certificates (TLS)
    • Set the user certificate to your *.crt file
    • Set the CA certificate to your ca.crt file
    • Set the private key to your *.key file
    • Enter the password for your key
    • Select Advanced
      • Change the gateway port to 5000
      • Select 'Use LZO data compression'
      • Select OK
    • Back in the main Free Geek Vancouver window
    • Ensure Available to all users is deselected
    • Press 'Save...'
  • Then close the network connections window
  • You should now be able to connect to Free Geek Vancouver

Creating certificates

  • Use XCA to create a certificate under the VPN CA
  • Send root ca.crt, user-name.crt with VPN CA certificate appended and user-name.key to the user