06 maggio, 2008

OpenVpn Experience

Hi everybody, in my company we have a VPN service powered by OpenVpn, a standard configuration between a linux server and many windows client.
As you now, lately I've reinstalled Xp and I have some problems when configuring OpenVPN Client.
The problem is known (the openvpn website explain that) after installing XP ServicePack 2, there are some problem with windows firewall and TAPI network adapter in configuration with a dhcp openvpn server.
Now, I give you more information about my successful configuration.
1. Install OpenVpn 2.1 Rc7 (tha last at this time)
2. Disable Or configure firewall for TAP Interface
3. Download devcon.exe from Microsoft website http://support.microsoft.com/kb/311272
4. Rename the TAP connection in MyTap
5. Identify the interface ID on TAP interface using : devcon hwids =net @root\NET\*
In my case tap0901
6. Create two .bat file in the OpenVPN config directory:
ConfigFileName_pre.bat
devcon enable tap0901
ConfigFileName_down.bat
devcon disable tap0901
OpenVPN Gui launch this two file when start and close the connection ( note the name of the configfile )
7. ConfigFileName
client
dev tap
dev-node MyTap
proto tcp
remote server 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
tls-auth ta.key 1
cipher BF-CBC
comp-lzo
verb 3
mute 10
route-method exe
route-delay 30
ping 5
ip-win32 netsh
8. Start OpenVpn (using ConfigFileName file of course )

Another information, if you have the same subnet network class at home and at office you have to setting the metric of a TAP interface at a lower value than Etherter connection metric.

Good VPN to all!

2 commenti:

  1. Thank you, thank you, this really did the trick!

    RispondiElimina
  2. Thanks sorted out my VISTA/OpenVPN/IPCOP connection.

    Allan

    RispondiElimina