You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Windows

Installing

  1. Download the Windows OpenVPN installer from: https://openvpn.net/index.php/open-source/downloads.html
  2. Run the installer
    1. During the installation process, a second installer for the TAP/TUN driver will start. You also need to install this driver.
    2. When asked to select components of the OpenVPN installation, you do NOT need the easy-rsa component.
    3. You may also want to check, under Advanced, to not remember passwords.
    4. Whether or not to have the OpenVPN gui start at login is up to you.
  3. If you wish to be able to run OpenVPN as a non-administrative user:
    1. Add the user to the "OpenVPN Administrators" group
      1. For Windows10, login as an administrative user.
      2. Right click the Start menu
      3. Choose "Computer Management"
      4. In the left tab, expand Computer Management, System Tools, Local Users and Groups, Groups
      5. In the right tab, double click "OpenVPN Administrators" (you might first need to create this group)
      6. Click "Add"
      7. Type in the username or domain\username and click "OK"
      8. Again click "OK"
      9. The user will need to re-login if already login'ed to the computer
    2. Reboot the PC (necessary to start the "OpenVPN Interactive" service
  4. Login as the user who will be running OpenVPN (administrative or otherwise)

  5. Create a new folder:

    C:\users\[username]\openvpn\config

     

  6. Copy the config and key files to the folder just created.

Connecting

  1. Login as the user to start OpenVPN
  2. Double click the "OpenVPN GUI" icon on the desktop. This will not do anything other than to put the OpenVPN systray icon in the systray.
  3. In the systray, double click the OpenVPN icon. This will start OpenVPN on the config files you created earlier.
  4. For AUTH username, enter your netid
  5. For AUTH password, enter in a code from your DUO token, or enter in an alias for the device you want DUO to call or push via the DUO app
    1. Aliases for devices can be found at: https://twostep.netid.cornell.edu
  6. You can now Map the CNF510 server.
  7. To disconnect, again double click the OpenVPN icon in the system tray.
    1. Click "Disconnect"

Linux

Installing

  1. Either install OpenVPN if available as a package from your distribution, or download from: https://openvpn.net/index.php/open-source/downloads.html
  2. Obtain configs and certificates from CNF Computing
  3. Place the configs and certificates in a directory
    1. This can either be the OpenVPN system config directory, usually /etc/openvpn
    2. OR a local directory

Connecting

  1. If you placed the OpenVPN configs in the system directory, just start the openvpn client with:

    sudo openvpnor your choice of OpenVPN GUI.

  2. If you placed the OpenVPN configs in a different directory, cd to that directory and then (the configfile will usually be named something like: cnf510-netid.conf):

    sudo openvpn --config confgfile

  3. When prompted, enter your netid for the AUTH username

  4. When prompted, for the AUTH password,  enter in a code from your DUO token, or enter in an alias for the device you want DUO to call or push via the DUO app
    1. Aliases for devices can be found at: https://twostep.netid.cornell.edu
  5. You can now connect to the CNF510 server.
    1. Note you will need Samba4 to be able to connect.
    2. You may need to add to the "[global]" portion of your smb.conf file the following two lines:
      client min protocol = SMB2
      client max protocol = SMB3

       

    3. OR if running smbclient from the commandline, specify "-m SMB3" to use the SMB3 protocol.

  6. To disconnect, either use the Disconnect option in your OpenVPN gui or press CTRL-C in the OpenVPN terminal window in which you started the openvpn client.

Macintosh

More information coming soon.

  • No labels