Segui

How to configure Windows OpenVPN client with certificate authentication

Applies to Platform: Windows
Updated on: October 7th, 2019

Scenario

This lessons illustrates how to configure Windows OpenVPN client to use certificate authentication.

Prerequisites

PC with Windows OS.

Internet connectivity to download openvpn community package.

Admin privileges to install openvpn comunity package.

Client Installation

Download openvpn community from http://openvpn.net/index.php/open-source/downloads.html and install it.
During setup choose all components and type in destination folder c:\openvpn.
If during the installation appears a warning or error about installing an unsigned driver,don't worry and choose install.

Configuration

In your openvpn config folder c:\openvpn\config create a folder like ACME-vpn. After go to c:\openvpn\config\ACME-vpn and create a client configuration file called e.g., ACME-vpn.ovpn and insert the text below:

client
dev tap                             
proto udp            #only if you use udp protocol
remote REDIP 1194  #1194 only if your vpn server's port is the default port     
resolv-retry infinite
nobind
persist-key
persist-tun
pkcs12 John.p12      #this is the p12 client certificate
#auth-user-pass      #uncomment this row if you want to use two factor authentication
verb 3
comp-lzo
ns-cert-type server

Replace REDIP above with the public RED IP of the Endian Appliance.

To create John.p12 client certificate, please follow this guide, then copy .p12 file into c:\openvpn\config\ACME-vpn.

Now right click on the openvpn tray icon and click connect.

Note

If you want to generate the certificates using an external host, please follow this guide.

Note

If you use a two-factor authentication a window asks your credential of your VPN user created on Endian UTM Appliance,  if there is no error a openvpn tray icon become green. If something goes wrong check if you are able to connect to OpenVPN server Port, default is <REDIP>:1194 with udp protocol.
Altre domande? Invia una richiesta

Commenti