Open VPN Client Configuration

Notes

Authentication is via certificates, no passwords are used.
Each client certificate is assigned an IP address, thus the same certificate cannot be used by two people at the same time.
If a person leaves the organization, that certificate must be revoked on the server to cancel access permissions.
A windows client may be bundled with the certificate download, but any OpenVPN client may be used, (eg Linux, Mac, or newer Windows version).

Personnel Firewalls

Note most Windows clients have personnel firewalls, either as part of the native operating system and/or as part of a 3rd party anti-virus suite. These must be configured to allow OpenVPN Connections:

By default OpenVPN users UDP, port 1194. This must be open for outgoing connections.
However the defaults can be changed and are likely to be different if their are multiple VPN's configured on one server. The config file as well as the log generated during startup indicate the actual protocol and port in use.
For testing:
- Ensure that both Windows and 3rd party firewalls are deactivated.
- Once the connection has been proven, go back and re-activate the required firewall.
- Configure the firewall to allow the required protocol.
- Retest the VPN.

Windows OpenVPN Client

=== Windows 10 ===
1. Download and install "OpenVPNGUI" from https://openvpn.net/community-downloads/ Note there are many OpenVPN clients, this one is open source, free and it is recommended by ZSD. Note OpenVPNGui is bundled in the Windows install file (https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.7-I607-Win10.exe)
2. Start OpenVPNGUI.
3. Right click on the OpenVPNGUI icon in your Windows Tray at the bottom right of your screen.
4. Import your personal ".ovpn" file that includes configuration and certificates for your VPN connection.
5. Na
=== Windows 7 ===
1. Unzip the supplied archive file and save the contents in a directory on your Window's PC hard drive.
2. Navigate to where you stored the files with Windows Explorer.
3. Right click on the openvpn-...-install.exe
  - Select Properties
  - Select Compatibility
  - Select Windows Vista
  - Select Run this program as Administrator, save settings.
4. Run the openvpn-...-install.exe to install the client on the Windows PC.
5. Copy the remaining configuration files into the "Program Files/OpenVPN/config" directory.
6. Right click on the new OpenVPN icon on the desktop.
  - Select Properties
  - Select Compatibility
  - Select Windows Vista
  - Select Run this program as Administrator, save settings.
7. Double click on the new OpenVPN icon on the desktop to run it, accept warning message if necessary.
8. Right click on the OpenVPN icon in the system tray and select "connect".
9. Wait till the icon turns green.
10. Use IP address not server name to reach servers on the network. Eg rdesktop to 192.168.<nnn>.33
NB Both the installer and the OpenVPN gui must be run in Vista compatible mode as Administrator. === Windows Vista ===
1. Unzip the supplied archive file and save the contents in a directory on your Window's PC hard drive.
2. Run the openvpn-...-install.exe to install the client on the Windows PC.
3. Copy the remaining configuration files into the "Program Files/OpenVPN/config" directory.
4. Right click on the new OpenVPN icon on the desktop.
  - Select Properties
  - Select Compatibility
  - Select Run this program as Administrator
5. Double click on the new OpenVPN icon on the desktop to run it, accept warning message if necessary.
6. Right click on the OpenVPN icon in the system tray and select "connect".
7. Wait till the icon turns green.
8. Use IP address not server name to reach servers on the network. Eg rdesktop to 192.168.<nnn>.33
=== Windows XP ===
1. Unzip the supplied archive file and save the contents in a directory on your Window's PC hard drive.
2. Run the openvpn-...-install.exe to install the client on the Windows PC.
3. Copy the remaining configuration files into the "Program Files/OpenVPN/config" directory.
4. Double click on the new OpenVPN icon on the desktop to run it.
5. Right click on the OpenVPN icon in the system tray and select "connect".
6. Wait till the icon turns green.
7. Use IP address not server name to reach servers on the network. Eg rdesktop to 192.168.<nnn>.33