Re: [Openvpn-devel] New openvpn-gui snapshot
Heiko Hund astaro.com> writes: > > On Wednesday 08 September 2010 22:56:40 Arne Schwabe wrote: > > On 08.09.2010 22:32, Heiko Hund wrote: > > > On Wednesday 08 September 2010 17:34:28 you wrote: > > >> We found one problem in the GUI already: if you only have a single > > >> openvpn config file (foo.ovpn) in your config directory, the gui > > >> crashes if you double-left-click on the tray icon. It works if you > > >> right-click on the tray icon and then click on "connect". (Heiko can > > >> reproduce it, so it's fixable ). > > > > > > I just uploaded a new OpenVPN GUI snapshot to [1]. It should fix the > > > issues found by Gert. Please report if you run into problems. > > > > Can you build the openvpn gui with the "this application need > > Adminstrator rights" flag? In our expriences the amount of user > > questions "vpn does not work" is just too big otherwise. > > I believe this is the wrong approach. A better solution would be not to > require any privileges for the GUI at all. The switch to the openvpn > management interface for communication was the first step in the transition > towards achieving that. In the midterm I envision the Windows service to be > enhanced to allow starting OpenVPN on behalf of the GUI. However, I suppose > this will take a while to happen. If you need a solution right now the thread > at http://www.astaro.org/astaro-gateway-products/vpn-site-site-remote- > access/32659-ssl-vpn-non-admin-vista-win7.html may be interesting for you. > > @Samuli: is there some time left in the meeting tonight to kick off the > discussion on that? If so, I'd like this topic to be added to the agenda. > > Regards > Heiko Do you know any OpenVPN GUI implementation which takes this approach of controlling openvpn.exe daemon through management interface? I have been playing with openvpn management interface for a while. I wish if there is a GUI interface which an user, through a mouse click,: 0. Open OpenVPN tunnel 1. List certificates in token/smartcard: 2. Select certificate 3. Type PIN 4. Close tunnel I have mapped this useful commands respectively: 0. hold release 1. pkcs11-id-count and pkcs11-id-get 2. needstr pkcs11-id-request 3. password 4. signal
Re: [Openvpn-devel] [Openvpn-users] TAP installation Problem (2.1.3) on Windows 2000
Hi Gert (and David), Gert Doering wrote: Hi, On Thu, Oct 07, 2010 at 05:47:40PM +0200, Gert Doering wrote: On Thu, Oct 07, 2010 at 05:28:13PM +0200, Jan Just Keijser wrote: WHy is that? it's a (minor) mistake in how openvpn 2.1.3 is packaged: This is not a mistake (as in "oops, we didn't know"), but was unavoidable since the latest WDK is needed to properly support signed drivers for Win7, and that version does not support Win2k anymore. OTOH, there *should* be a Windows 2000 install.exe, but right now I cannot find it on the download page either - James did build it, with the old WDK/DDK, but somewhere in the release process it must have fallen through the cracks. David found it: http://secure.openvpn.net/win/openvpn-2.1.3-install.exe (XP to 7) http://secure.openvpn.net/win/openvpn-2.1.3-install-win2k.exe (w2k) thanks for sorting this out so quickly! I did not know that version still existed (and I'm an old-fashioned wk2 user ;-)) cheers, JJK
Re: [Openvpn-devel] [Openvpn-users] TAP installation Problem (2.1.3) on Windows 2000
Hi, On Thu, Oct 07, 2010 at 05:47:40PM +0200, Gert Doering wrote: > On Thu, Oct 07, 2010 at 05:28:13PM +0200, Jan Just Keijser wrote: > > > WHy is that? > > it's a (minor) mistake in how openvpn 2.1.3 is packaged: > > This is not a mistake (as in "oops, we didn't know"), but was unavoidable > since the latest WDK is needed to properly support signed drivers for > Win7, and that version does not support Win2k anymore. > > OTOH, there *should* be a Windows 2000 install.exe, but right now > I cannot find it on the download page either - James did build it, > with the old WDK/DDK, but somewhere in the release process it must > have fallen through the cracks. David found it: http://secure.openvpn.net/win/openvpn-2.1.3-install.exe (XP to 7) http://secure.openvpn.net/win/openvpn-2.1.3-install-win2k.exe (w2k) gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpkFnwgqUOd1.pgp Description: PGP signature
Re: [Openvpn-devel] [Openvpn-users] TAP installation Problem (2.1.3) on Windows 2000
Hi, On Thu, Oct 07, 2010 at 05:28:13PM +0200, Jan Just Keijser wrote: > > WHy is that? > it's a (minor) mistake in how openvpn 2.1.3 is packaged: This is not a mistake (as in "oops, we didn't know"), but was unavoidable since the latest WDK is needed to properly support signed drivers for Win7, and that version does not support Win2k anymore. OTOH, there *should* be a Windows 2000 install.exe, but right now I cannot find it on the download page either - James did build it, with the old WDK/DDK, but somewhere in the release process it must have fallen through the cracks. Samuli: can you find it on the internal build servers? gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpCpPFdOQJrc.pgp Description: PGP signature
Re: [Openvpn-devel] [Openvpn-users] TAP installation Problem (2.1.3) on Windows 2000
Ralf Hildebrandt wrote: During installation, no TAP32 adapter is being installed and the addtap.bat returns an error: d:\program files\openvpn\bin\tapinstall.exe is not a valid Win32 application. WHy is that? it's a (minor) mistake in how openvpn 2.1.3 is packaged: openvpn 2.1.1 comes with tapinstall.exe v6.0.6001.18000, named 'Windows Codename Longhorn DDK driver' openvpn 2.1.3 comes with tapinstall.exe v6.1.7600.16385, named 'Windows Win 7 DDK provider' Apparently this later version of tapinstall.exe is not recognized as a valid win32 application, most likely because Microsoft stopped supporting Windows 2000 some time ago. Note that OpenVPN 2.2 will also no longer include Windows 2000 support, as was discussed somewhere late august. The nice fix would be to include the older version of tapinstall.exe in an update of the windows installer package. A quick&dirty hack is to copy over the tapinstall.exe from the 2.1.1 installer and then run 'tapinstall' again (from the OpenVPN menu option in the 'Start' menu) HTH, JJK
