Category Archives: Howto Tutorials (EN)

Howto Tutorials English Contribution Howto’s and Tutorials unblog technical contribution for professionals

How to Install OpenVPN Client

Setting Up and customize OpenVPN on Windows, macOS and Linux

VPN (Virtual Private Network) is becoming more and more widely used. OpenVPN is a free application for building a virtual private network over an encrypted TLS connection. The increasingly popular OpenVPN client enables VPN connections to access its data from anywhere, for example, when working in the home office, or with a private cloud. This article shows the client deployment and use of OpenVPN. OpenVPN is available for free for many operating systems, in addition to Windows there is a client for macOS, for iOS, Linux and Android devices.

How to do it

Content

OpenVPN client install on Windows

OpenVPN for Windows can be downloaded from the community website here, on Windows 10 with double-clicking OpenVPN-2.5.0-I601-amd64.msi start the setup.

Run OpenVPN Customize Setup

Choose Customize to goes through the setup wizard, because here only the client components are needed, we choose the selection.

OpenVPN Setup choose Feature selection

Continuous Installing OpenVPN..

Run OpenVPN Windows Setup

OpenVPN Installing Completed.

OpenVPN Logo

Start OpenVPN

openvpn_systry

A glance at the taskbar shows now the OpenVPN icon openvpn symbol

OVPN configuration import at the client

The OpenVPN Access Server is available for Windows, Linux and FreeBSD, and there are an increasing number of devices that can be used as OpenVPN servers, such as pfSense and OPNsense or OpenWrt, from commercial manufacturer like Sophos formerly Astaro or Synology NAS and many more.

The file with the configuration for the client, such as openvpn.zip, which was previously exported on the VPN server or router need to unpacked, the files ca.crt, README.txt and VPNConfig.ovpn are usually extracted.

The configuration file here in this example VPNConfig.ovpn may have a different file name. Hint! if you change the file name to i.e. office-davos.ovpn, then this name appears in the context menu at connection.

The file VPNConfig.ovpn usually has to be open in an editor, for this I use Notepad and change YOUR_SERVER_IP to the public IP address of the VPN gateway, or the firewall on which is the NAT mapping to the VPN termination device.

OpenVPN Connection Editing

After saving VPNConfig.ovpn, the configuration is imported.

Right-clicking above the icon in the Systemtry opens the context menu from which you choose to import file.

Importing OpenVPN Connection
Figure: Importing OpenVPN Connection
Wenn man die Datei VPNConfig.ovpn umbenennt zB. Office-Arbon.ovpn, erscheint im Kontextmenü Verbinden der entsprechende Name als Ziel.

Tip! If you rename the file VPNConfig.ovpn eg. Home-Office.ovpn, the corresponding name appears as the target in the Connect context menu.

Connecting from the context menu prompts to enter the user and password, which is the user on the VPN Router or with use LDAP authentication the user on the server.

OpenVPN Connection Login
Figure: OpenVPN Connection

If the connection is successful, the OpenVPN icon will appear green.

OpenVPN client setup on macOS

OpenVPN Connect v3 Client for macOS is a complete installation program for macOS, after the installation the ovpn file can be imported for an OpenVPN connection to an access server. If the downloaded OpenVPN Connect v3 for macOS is installed on a Mac on which OpenVPN Connect v3 is already installed and configured, it will be updated to the new version with all settings retained.

How to install OpenVPN on macOS Catalina
OpenVPN Installer on macOS Catalina
OpenVPN Dock
OpenVPN Connect for macOS
OVPN file import on macOS catalina.

Deploy OpenVPN client on Linux

With the standard installation, OpenVPN is usually already installed together with the network management tools, in this case you can go directly to Import OVPN configuration file below. The easiest way to deploy the OpenVPN client using the package management system is to run the following commands as root on a Red Hat based Linux distribution such as Fedora or CentOS:

Install the OpenVPN on Debian and Ubuntu based distributions as follows:

Running the OpenVPN client with the downloaded configuration file, using the -config argument to pass the configuration file:

The configuration file here in this example VPNConfig.ovpn may have a different file name. Hint! if you change the file name to i.e. office-davos.ovpn, then this name appears in the context menu at connection

The connection can also be established via a GUI client, to install the OpenVPN GUI from the shell:

Import OVPN configuration file

Now you can call the Connection Manager by clicking on the network icon – VPN Connections – Configuring VPN.

on Ubuntuimport  OpenVPN use VPN-Connection Manager
Illustration: OpenVPN GUI Ubuntu

By clicking on Add – Import Saved VPN Configuration – Create a new VPN connection. The next step is to import the previously downloaded VPNConfig.ovpn file. The connection can now be started from the taskbar.

For Linux Mint with Cinnamon desktop, you click on the network icon in the taskbar and go to network settings.

Cinnamon Connection
Cinnamon Network

Click + to create a new network connection.

on Cinnamon open saved VPN-config to import OpenVPN

Import saved VPN configuration from the VPNConfig.ovpn file. After entering the user and password, the saved connection can be started in the taskbar.

Import the OVPN file via the Network Manager of Linux Mint and Cinnamon Desktop.

OpenVPN import ovpn-file on Linux Mint
OVPN file import by Network Manager at Linux Mint Cinnamon desktop.

Windows cannot connect to the printer

Connect to Printer: Windows cannot connect to the printer. Operation failed with error 0x00004005

Windows cannot connect to the printer
If the error occurs when adding a network printer; Printer connection cannot be established, then the printer driver must be added directly without using the printer setup wizard.
  1. Click on the Start button, and choose settings.
  2. then select Devices and Printers & scanners.
  3. In the Printers window, click on the right to Print server properties, see below Related settings.
  4. choose the tap Drivers.
Windows-Logo + R

Alternatively open the old windows 7 control panel. Right click on the Start button und choose Run, or press Win + R.

Windows-Logo + Run and type in control printers

Type in control printers and click OK

Quick shortcut rundll32 printui.dll,PrintUIEntry /s /t2

print server properties
Go through the steps 1 to 3, but first select any printer so that the option Print server properties becomes active.

Now drivers for the appropriate printer can be added with click to the Add button, in the wizard with choose the path to the previously downloaded and decompressed driver package, it must point to the directory in which the printer description INF file is located, or select your printer from the device list for which Microsoft provides certified printer drivers.

How to Adding Network Printer

When using Windows printer shares on a server, errors may occur when adding a network printer on client site, because the printer setup wizard are unable to find the printer driver. The wizard looks for a driver in the InfPath registry key, in which the directory path to the printer driver should be saved.

Path to Printer Drivers in Registry InfPath

Registry InfPath printer connection cannot be established
HKLM\SYSTEM\CurrentControlSet\Control\Print\Environments\Windows x64\Drivers\Version-3

Now that the path to the printer driver is no longer valid, the path must be find in the registry of the server, here in this example it is the printer Sharp MX-C401 PCL6, which includes the path to the printer driver with the INF file in the InfPath registry key, the path shown as follows:

The path is inserted as a value in the InfPath key which is presumably empty, require admin rights to change, run regedit.exe as administrator or temporarily grant admin rights to the user.

  If there is another printer on the client with the same driver, InfPath can copy this value and insert it by double-clicking InfPath on the printer with an invalid value or where the value is empty.

Adding Network Printer manually

Now open the windows administrative share print$ to the print server on the client, where the printer drivers of the server are located.

Share print on server02

i.e. \\SERVER02\print$

Under the print share the printer drivers of the installed printers are located on the print server. In our example \\SERVER02\x64\PCC printer drivers are for the Windows 64 Bit system architecture.

Find the appropriate CAB archive file which has the same driver that is file name as the file in RegistryKey InfPath, so here sn0emdeu.inf.

CAB Archive File
\\SERVER02\print$\x64\PCC\sn0emdeu.inf_amd64_284362ba62125445.cab

Unzip the compressed CAB archive file that matches the printer from the print- share with 7-Zip, and copy the files to the path taken from InfPath.

DriverStore FileRepository

Connecting and adding network printers is now possible as usual.

  Another simple solution is to add a new printer where by selecting LPT1 as the port, even if LPT1 does not exist, it is re-entered correctly when the path is installed in the InfPath registry key, so that the printer connection to network printers works again, the previously installed printer on LPT1 can be deleted with Device Removal.

7zip

How to use FortiClient VPN Post Login Script

Run FortiClient SSL VPN from CLI and Scripts

This article describes how to use the FortiClient SSL VPN from the Windows command line, and apply from batch scripts. The FortiClient, available for FortiGate for all known operating systems, can be downloaded from the Fortinet Support section. In addition to the FortiClient 6.4.2.1580 for Windows used here, the FortiClientTools 6.0.9.0277 are also used.

FortiClient VPN Windows  Installation
FortiClient VPN

After the FortiClient is installed, we leave the VPN configuration left blank. Now the FortiClientTools are unpacked into a directory, of interest is the folder contents of SSLVPNcmdline, here the file FortiSSLVPNclient.exe is to be found, along with the Microsoft Visual C++ Redistributable mfc140.dll, msvcp140.dll, vcruntime140.dll runtime components.

Contents of SSLVPNcmdline FortiClientTools_6.0.9.0277.zip.

Running FortiSSLVPNclient.exe opens the GUI.

FortiClient SSLVPN Tool Installation auf Windows
FortiClient SSLVPN

We decide not to use the VPN connection profile stored in Settings, instead to connect from CLI with append parameters.

It is now a good way to start the VPN connection with login and network drive mapping from the script, the following batch file should enable this.

With connect -h will connect to the VPN gateway, the IP address and the port number separated by a colon. The user -u who should log in to the gateway and the password after the colon. Cause timeout wait 10 seconds to VPN connection to be established before execute network drive mapping. The value may be reduced or it must be increased.

In the taskbar, the FortiSSLVPNclient icon, over which the context menu opens with a right click.

The VPN connection is disconnected with the following script.

FortiSSLVPNclient Command Line Usage
Usage: FortiSSLVPNclient.exe [options] [args]

FortiSSLVPNClient Tool Help Site

Source link: Fortinet Knowledge Base