Tag Archives: OpenVPN

OpenVPN is free software for building a virtual private network over an encrypted TLS connection. OpenVPN is available for Windows, macOS iOS and Android.

UNBLOG Tutorials (EN)

How to Install OpenVPN Client

Home
Leave a comment

Setting Up and customize OpenVPN Client on Windows, macOS and Linux

VPN (Virtual Private Network) is becoming more and more widely used. OpenVPN is a free application for building a virtual private network over an encrypted TLS connection. The increasingly popular OpenVPN client enables VPN connections to access its data from anywhere, for example, when working in the home office, or with a private cloud.

This article shows the client deployment and use of OpenVPN. OpenVPN is available for free for many operating systems, in addition to Windows there is a client for macOS, for iOS, Linux and Android devices.

How to do it

Content

OpenVPN client install on Windows

The OpenVPN client can be deployed from the Windows Package Manager using winget ran in the command prompt.

C:\> winget install --id OpenVPNTechnologies.OpenVPN

OpenVPN for Windows can also be downloaded from the community website here, on Windows 10 with double-clicking OpenVPN-2.5.0-I601-amd64.msi start the setup.

Choose Customize to goes through the setup wizard, because here only the client components are needed, we choose the selection.

Continuous Installing OpenVPN..

OpenVPN Installing Completed.

Start OpenVPN

A glance at the taskbar shows now the OpenVPN icon

OVPN configuration import at the client

The OpenVPN Access Server is available for Windows, Linux and FreeBSD, and there are an increasing number of devices that can be used as OpenVPN servers, such as pfSense and OPNsense or OpenWrt, from commercial manufacturer like Sophos formerly Astaro or Synology NAS and many more.

The file with the configuration for the client, such as openvpn.zip, which was previously exported on the VPN server or router need to unpacked, the files ca.crt, README.txt and VPNConfig.ovpn are usually extracted.

The configuration file here in this example VPNConfig.ovpn may have a different file name. Hint! if you change the file name to i.e. office-davos.ovpn, then this name appears in the context menu at connection.

The file VPNConfig.ovpn usually has to be open in an editor, for this I use Notepad and change YOUR_SERVER_IP to the public IP address of the VPN gateway, or the firewall on which is the NAT mapping to the VPN termination device.

After saving VPNConfig.ovpn, the configuration is imported.

Right-clicking above the icon in the Systemtry opens the context menu from which you choose to import file.

Figure: Importing OpenVPN Connection

Tip! If you rename the file VPNConfig.ovpn eg. Home-Office.ovpn, the corresponding name appears as the target in the Connect context menu.

Connecting from the context menu prompts to enter the user and password, which is the user on the VPN Router or with use LDAP authentication the user on the server.

Figure: OpenVPN Connection

If the connection is successful, the OpenVPN icon will appear green.

Useful post on this topic can be found in OpenVPN Connection Script
you might also be interested in OpenVPN Connect using on iPhone and Android

OpenVPN client setup on macOS

OpenVPN Connect v3 Client for macOS is a complete installation program for macOS, after the installation the ovpn file can be imported for an OpenVPN connection to an access server. If the downloaded OpenVPN Connect v3 for macOS is installed on a Mac on which OpenVPN Connect v3 is already installed and configured, it will be updated to the new version with all settings retained.

OpenVPN Installer on macOS Catalina
OpenVPN Connect for macOS Import and Edit
OVPN file import on macOS catalina.

Deploy OpenVPN client on Linux

With the standard installation, OpenVPN is usually already installed together with the network management tools, in this case you can go directly to Import OVPN configuration file below. The easiest way to deploy the OpenVPN client using the package management system is to run the following commands as root on a Red Hat based Linux distribution such as Fedora or CentOS:

[sam@fedora ~]$ sudo su -
[sudo] password for sam
[root@fedora ~]# dnf install openvpn

Install the OpenVPN on Debian and Ubuntu based distributions as follows:

[sam@debian ~]$ sudo su -
[sudo] password for sam
[root@debian ~]# apt-get install openvpn

Running the OpenVPN client with the downloaded configuration file, using the -config argument to pass the configuration file:

openvpn -config VPNConfig.ovpn

The configuration file here in this example VPNConfig.ovpn may have a different file name. Hint! if you change the file name to i.e. office-davos.ovpn, then this name appears in the context menu at connection

The connection can also be established via a GUI client, to install the OpenVPN GUI from the shell:

sudo apt-get install network-manager-openvpn-gnome

Import OVPN configuration file

Now you can call the Connection Manager by clicking on the network icon – VPN Connections – Configuring VPN.

Illustration: OpenVPN GUI Ubuntu

By clicking on Add – Import Saved VPN Configuration – Create a new VPN connection. The next step is to import the previously downloaded VPNConfig.ovpn file. The connection can now be started from the taskbar.

For Linux Mint with Cinnamon desktop, you click on the network icon in the taskbar and go to network settings.

Click + to create a new network connection.

Import saved VPN configuration from the VPNConfig.ovpn file. After entering the user and password, the saved connection can be started in the taskbar.

Import the OVPN file via the Network Manager of Linux Mint and Cinnamon Desktop.

OVPN file import by Network Manager at Linux Mint Cinnamon desktop.
UNBLOG Tutorials (EN)

OpenVPN Connection Script file

Home
8 Comments

Running connection script file during OpenVPN Connect and Disconnect

OpenVPN Client for Windows using script file allows you to mapping network drives to server shares when starting VPN connection. There are other options, such as running login scripts, printer redirects, or automated updating. This tutorial shows the installation and the usage of OpenVPN connection scripts.

How to do it

The OpenVPN GUI for Windows can be downloaded from the community website here. The OpenVPN client can also be deployed using winget ran in the command prompt.

C:\> winget install --id OpenVPNTechnologies.OpenVPN

Upon during installation, the OpenVPN directory is created under %USERPROFILE%, including the folder config, which contains the configuration files (.ovpn) that are stored from the OpenVPN GUI with File Import.

Right-clicking above the OpenVPN icon in the taskbar opens the context menu with file import, which is saved at: %USERPROFILE%\OpenVPN\config

OpenVPN Connection Script file

The OpenVPN Connection Script batch files must be in the same config directory and have the same name as the file name of the configuration (.ovpn). Whereby _up must be added, as here the file name starts with VPNConfig and appended _up, VPNConfig_up.bat.

The contents of the OpenVPN connection script batch file may look like this. The network drive is mapped to the server after connecting OpenVPN.

Edit OpenVPN Connection Script VPNConfig_up.bat in Notepad

It is mapped with VPNConfig_up.bat the network drive I: to the server tower, here in this example being login against domain city.local as username max using password pass123. If you do not want to have a visible password in the batch. You can remove it so the password prompt will by called.

Edit OpenVPN Connection Script VPNConfig_down.bat in Notepad

After disconnecting the OpenVPN connection, the batch VPNConfig_down.bat does disconnects the network drives.

The batch files must be in the same directory. Here in the user profile under OpenVPN along with the ovpn file in the config directory.

  If you rename the configuration file before importing it, here the VPNConfig.ovpn i.e. CityOffice.ovpn, then this name appears in the context menu when connecting to destination in the OpenVPN GUI. The batch files must have the same names before _up and _down.

  In order for the server name to be resolved at “net use”, the entry “dhcp-option DNS” has to modify in the file VPNConfig.ovpn:
dhcp-option DNS 192.168.3.110

In this example, the DNS 192.168.3.110 is on the remote network to which we connect to OpenVPN. If there is no DNS on the network, the IP address must be specified instead of the host name.

OpenVPN Settings

In the OpenVPN Settings you will find the possibility to determine the location of the configuration files and log files. Here the path to the files can be changed, also there is the possibility to determine the extension .ovpn. Adjusting the paths can be useful, for example, when using roaming profiles, creating the folder for the OpenVPN connections under %APPDATA%, or when using offline folders, this can be set individually.

In the OpenVPN Settings Advanced, the values for script files can be changed if necessary, in the Script Timeout area for Preconnect script timeout, in this case the batch file VPNConfig_up.bat, and VPNConfig_down.bat for timeout for Disconnect script.

Example: OpenVPN Connection Script Netlogon Batch file (xxxxxxxx_up.bat):
@echo off
timeout 5
REM mapping network printer
rundll32 printui.dll,PrintUIEntry /in /n \\tower\laserjet_office
REM mapping network drive
net use I: \\tower\office /persistent:no /user:city\max pass123
REM wait along two pings
ping localhost -n 2 > null
REM pop-up greeting message
echo msgbox("Welcome %USERNAME% on %USERDOMAIN%."),vbInformation , "Message"> %temp%\msg.vbs 
%temp%\msg.vbs
REM delete message
erase %temp%\msg.vbs