Re: Fw: OpenVPN Setup

2011-05-10 Thread Kevin Wilcox
On Tue, May 10, 2011 at 20:09, Kevin Wilcox  wrote:

> On Tue, May 10, 2011 at 19:59, Bill Tillman  wrote:

>>    client1.crt
>>    client1.csr
>>    client1.key

> You only need to copy the .crt and .key files, those are your key and
> certificate for the client named client1.

One more comment there - you also need the ca.crt file.

kmw
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"


Re: Fw: OpenVPN Setup

2011-05-10 Thread Kevin Wilcox
On Tue, May 10, 2011 at 19:59, Bill Tillman  wrote:

> This is a very frustrating process but I think I'm getting there. The files
> I created on the FreeBSD server which I copied over are:
>
>    client1.crt
>    client1.csr
>    client1.key
>
> But the windows setup appears that it wants one of these files to be called
> client.ovpn. Of course I can't give all of them that name so I'm stumped
> again.

You only need to copy the .crt and .key files, those are your key and
certificate for the client named client1.

They are used for authentication.

The .ovpn file (.conf on Unix) contains the information OpenVPN needs
to find your OpenVPN server. A good sample can be found at
http://openvpn.net/index.php/open-source/documentation/howto.html#examples.

For example, I give the following config to my clients:



client
dev tun
proto udp
remote put_your_server_ip_here 1194
resolv-retry infinite
nobind
persist-key
persist-tun
route-method exe
route-delay 2
ca ca.crt
cert client1.crt
key client1.key
# only uncomment if you setup tls-auth
# tls-auth tls-auth.key 1
verb 3
comp-lzo



Yours won't match exactly but it'll probably be awfully close.

kmw
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"


Re: Fw: OpenVPN Setup

2011-05-10 Thread Bill Tillman






From: Kevin Wilcox 
To: Bill Tillman 
Cc: freebsd-questions@freebsd.org
Sent: Tue, May 10, 2011 7:42:21 PM
Subject: Re: Fw: OpenVPN Setup

On Tue, May 10, 2011 at 19:19, Bill Tillman  wrote:

> OK I know I saw this somewhere but it eludes me now. I have generated the keys
> and certificates for the server and client on my FreeBSD server. I then copied
> them over to my Windows laptop but apparently cannot find where I'm supposed 
to
> copy them to. And my replies keep getting blocked by some kind of spam filter.

The client conf and all certs can go in one directory under

(32-bit Windows) C:\Program Files\OpenVPN\config\

(64-bit Windows) C:\Program Files(x86)\OpenVPN\config\

kmw


This is a very frustrating process but I think I'm getting there. The files I 
created on the FreeBSD server which I copied over are:

   client1.crt
   client1.csr
   client1.key

But the windows setup appears that it wants one of these files to be called 
client.ovpn. Of course I can't give all of them that name so I'm stumped again.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"


Re: Fw: OpenVPN Setup

2011-05-10 Thread Kevin Wilcox
On Tue, May 10, 2011 at 19:19, Bill Tillman  wrote:

> OK I know I saw this somewhere but it eludes me now. I have generated the keys
> and certificates for the server and client on my FreeBSD server. I then copied
> them over to my Windows laptop but apparently cannot find where I'm supposed 
> to
> copy them to. And my replies keep getting blocked by some kind of spam filter.

The client conf and all certs can go in one directory under

(32-bit Windows) C:\Program Files\OpenVPN\config\

(64-bit Windows) C:\Program Files(x86)\OpenVPN\config\

kmw
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"


Fw: OpenVPN Setup

2011-05-10 Thread Bill Tillman






From: Chuck Swiger 
To: Bill Tillman 
Cc: freebsd-questions@freebsd.org
Sent: Tue, May 10, 2011 6:39:48 PM
Subject: Re: OpenVPN Setup


 
OK I know I saw this somewhere but it eludes me now. I have generated the keys 
and certificates for the server and client on my FreeBSD server. I then copied 
them over to my Windows laptop but apparently cannot find where I'm supposed to 
copy them to. And my replies keep getting blocked by some kind of spam filter.
On May 10, 2011, at 3:31 PM, Bill Tillman wrote:
> One more thing. I am going to need the Windows Client but I don't seem to 
> find 
>that at the OpenVPN site, only the full install which I assume installs the 
>server as well as the client. Or am I missing the link to get just the client 
>install. I would like to keep the overhead to a minimum.

There isn't different software for server and client; OpenVPN performs either 
role depending on how it is configured.
Given that the Windows installer is very close to the size of a 1.4 MB floppy, 
you're likely consuming about twenty cents worth of disk space, or about a 
dollar's worth of SSD space.

Regards,
-- 
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"


Fw: OpenVPN Setup

2011-05-10 Thread Bill Tillman

 


From: Chuck Swiger 
To: Bill Tillman 
Cc: freebsd-questions@freebsd.org
Sent: Tue, May 10, 2011 4:14:34 PM
Subject: Re: OpenVPN Setup

On May 10, 2011, at 12:55 PM, Bill Tillman wrote:
> I have a FreeBSD-8.2-STABLE server running OpenVPN. What I'm trying to do is 
> to 
>
> be able to access my LAN with my M$ Windows laptop using a M$ compatible 
>client. 
>
> I read the manpage and it basically sets forth examples in which there will 
> be 

> two (2) OpenVPN servers. In my case I will only have one OpenVPN server and 
> my 

> laptop out there on the road. And of course I won't know the IP address of my 
> laptop until I connect out there somewhere. Can anyone recommend how to do 
> this 
>
> or where I can read more about how to use OpenVPN with only one server?


OpenVPN's site provides fine documentation:

  http://openvpn.net/index.php/open-source/documentation.html
  
http://openvpn.net/index.php/open-source/documentation/miscellaneous/78-static-key-mini-howto.html


Regards,
-- 
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"



I'm working through the docs you referenced in the HOWTO and it says:
Next, initialize the PKI. On Linux/BSD/Unix:
. ./vars
>./clean-all
>./build-ca
the vars file is not executable and from what I see in the Makefile they want 
to 
chmod it to 644I tried /bin/sh ./vars and it seemed to work but then when I 
run ./clean-all which is executable I get
Please source the vars script first (i.e. ". ./vars")
Make sure you have edited it to reflect your configuration.
I'm stumped as this appears to be something Linux will handle but not 
FreeBSDany suggestions?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"