OpenVPN is a great VPN technology. Although it can be a little confusing to set up, it's a lot easier than other VPN technologies. It is also more secure than some of the more common ones. When I decided to set up OpenVPN on my home network and my cell phone, I wanted to record the steps that I did to get it up and running. My Linux distro of choice is Gentoo, so these steps are a bit Gentoo-specific. Here is a quick rundown of what I did.
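Copy the easy-rsa scripts into the OpenVPN configuration directory and edit the vars file:

```sh
cd /etc/openvpn
rsync -av /usr/share/openvpn/easy-rsa ./
# rsync copied the directory itself, so vars lives under easy-rsa/
vi easy-rsa/vars
```

In vars, put in your own values for the KEY_* variables and set:

```sh
EASY_RSA=/etc/openvpn/easy-rsa
```

Load the variables, then build the CA, the server certificate, the Diffie-Hellman parameters and one client certificate:

```sh
cd /etc/openvpn/easy-rsa
. ./vars                     # load KEY_* and EASY_RSA into this shell
mkdir -p "$KEY_DIR"
./clean-all                  # wipes and re-initialises $KEY_DIR
./pkitool --initca           # creates ca.crt and ca.key
./build-key-server server    # server certificate and key
./build-dh                   # Diffie-Hellman parameters
./build-key client1          # client certificate and key
```

Use the default server config file and save it to /etc/openvpn/openvpn.conf, then start the service:

```sh
/etc/init.d/openvpn start
```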
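One way to sanity-check the generated files before copying them to a client, as an added example that is not part of the original post. It assumes the keys directory holds ca.crt plus NAME.crt/NAME.key pairs with unencrypted private keys, and the function names are made up for illustration.

```sh
#!/bin/sh
# Added example: audit an easy-rsa keys directory.
# Assumption: DIR contains ca.crt and NAME.crt / NAME.key pairs.

# Print every private key whose mode is not exactly 0600 or 0400.
loose_keys() {
    find "$1" -type f -name '*.key' ! -perm 600 ! -perm 400
}

# Succeed only if NAME.crt chains to ca.crt and its public key
# matches the one derived from NAME.key.
check_pair() {
    d=$1
    n=$2
    # Match on the "OK" line; old openssl builds exit 0 even on failure.
    openssl verify -CAfile "$d/ca.crt" "$d/$n.crt" 2>/dev/null \
        | grep -q ': OK$' || return 1
    cert_pub=$(openssl x509 -in "$d/$n.crt" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$d/$n.key" -pubout 2>/dev/null) || return 1
    [ "$cert_pub" = "$key_pub" ]
}

# audit_keys DIR [NAME...]: returns non-zero if any check fails.
audit_keys() {
    dir=$1
    shift
    status=0
    bad=$(loose_keys "$dir")
    if [ -n "$bad" ]; then
        echo "private keys accessible beyond their owner:"
        echo "$bad"
        status=1
    fi
    for name in "$@"; do
        if check_pair "$dir" "$name"; then
            echo "ok:   $name"
        else
            echo "FAIL: $name (bad chain or key/cert mismatch)"
            status=1
        fi
    done
    return $status
}

# Typical call after sourcing vars:
#   audit_keys "$KEY_DIR" server client1
```

Only ca.crt, client1.crt and client1.key belong on the client; ca.key stays on the machine that signs certificates.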
Import your ca.crt, client1.crt and client1.key files onto your client. Configure your client and try out the connection. With Android 4's new VPNService, I was able to configure my phone to VPN into my home network. The Android app was a little confusing to set up, and it was pretty verbose. I used ES Explorer to download my client keys off of my Samba home directory. I imported the keys into OpenVPN and was able to make a connection. It took me a little while to find out how to disconnect. You have to click the VPN entry in the notification drawer.
I was able to use AndroidVNC to connect to my VNC server. I had latency issues with ConnectBot ssh'ing to the VPN server. I have not tried Samba via the VPN, but I'll post a blog entry about that when I do try it out. In standby mode, the VPN still uses a lot of data. The VPN works great if you are connected to a Wifi network, but I wouldn't recommend leaving it connected for an extended period of time over a cellular network. If you need to VPN in over cellular, I would connect, download any files you need, then disconnect. My VPN connection used about 90mb of data over a 4 hour period while idle. I have no idea what it was doing.