Follow

How to configure Windows OpenVPN client with certificate authentication

Applies to Platform: Windows
Updated on: 27th of August 2013

Scenario

This lessons illustrates how to configure Windows OpenVPN client to use certificate authentication.

Prerequisites

PC with Windows OS.

Internet connectivity to download openvpn community package.

Admin privileges to install openvpn comunity package.

Client Installation

Download openvpn community from http://openvpn.net/index.php/open-source/downloads.html and install it.
During setup choose all components and type in destination folder c:\openvpn.
If during the installation appears a warning or error about installing an unsigned driver,don't worry and choose install.

Configuration

In your openvpn config folder c:\openvpn\config create a folder like ACME-vpn. After go to c:\openvpn\config\ACME-vpn and create a client configuration file called e.g., ACME-vpn.ovpn and insert the text below:

client
dev tap                             
proto udp            #only if you use udp protocol
remote <REDIP> 1194  #1194 only if your vpn server's port is the default port     
resolv-retry infinite
nobind
persist-key
persist-tun
pkcs12 John.p12      #this is the p12 client certificate
#auth-user-pass      #uncomment this row if you want to use two factor authentication
verb 3
comp-lzo
ns-cert-type server

Replace <REDIP> above with the public RED IP of the Endian Appliance.

Copy John.p12 (this certtificate is generate from CA Authorithy this guide) client certificate in c:\openvpn\config\ACME-vpn.
Now right click on the openvpn tray icon and click connect.

Note

If you use a two-factor authentication a window asks your credential of your VPN user created on Endian UTM Appliance,  if there is no error a openvpn tray icon become green. If something goes wrong check if you are able to connect to OpenVPN server Port, default is <REDIP>:1194 with udp protocol.
Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments