Changes for page VPN Access

Last modified by Thomas Coelho on 2022/10/18 14:57

From 1.2 to 2.1

From version 2.1

edited by Thomas Coelho
on 2022/10/18 14:55

Change comment: There is no comment for this version

To version 3.1

edited by Thomas Coelho
on 2022/10/18 14:57

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)

Details

Page properties

Content

@@ -8,11 +8,12 @@
  It is available for Windows and MacOS too.
--=== Install OpenVPN ===
++=== Install OpenVPN ===
++
  It is not part of the default installation, but can easily installed using apt. Enter the following commands:
--  sudo apt install openvpn
++{{{  sudo apt install openvpn}}}
  This requires to enter your password to get super user privileges.
@@ -23,8 +23,7 @@
  This configuration routes all traffic trough ITP. This is useful if you want to download papers, which are restricted to the university network.
  The second examples only routes the traffic going directly to the ITP trough the VPN and leaves your default gateway untouched. The only difference is the missing 'redirect-gateway' statement [http://th.physik.uni-frankfurt.de/~thw/vpn/all-via-itp.ovpn]
--<pre>
--client
++{{{client
  dev tun
  proto udp
  nobind
@@ -36,7 +36,7 @@
  ca private-ca-itp.crt
  # Comment this, if you don't want to redirect the default gateway
  redirect-gateway def1
--</pre>
++}}}
  Download our CA (Certificate of Authority) [http://th.physik.uni-frankfurt.de/~thw/vpn/private-ca-itp.crt] and store it in the same place. This file is needed for the verification of the authenticity of the server.
@@ -59,7 +59,7 @@
  === Start the VPN connection ===
  Open a terminal and change to the path where the vpn config file is stored. Start the connection with
--
++
    sudo openvpn itp.ovpn
  where itp.ovpn is the name of the config file. openvpn needs root access, therefore you must enter your local password for sudo. After this you have to enter your ITP credentials (Username and Password).
@@ -77,13 +77,13 @@
  Fri Dec  7 15:03:02 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
  Fri Dec  7 15:03:02 2012 /sbin/ifconfig tap0 10.63.131.1 netmask 255.255.0.0 mtu 1500 broadcast 10.63.255.255
  Fri Dec  7 15:03:02 2012 Initialization Sequence Completed
--</pre>
++</pre>--
  Termiate the session by pressing Ctrl-C in this terminal.
--==OpenVPN for Windows 10==
++== OpenVPN for Windows 10 ==
--At the time of writing, you can download OpenVPN on 'https://openvpn.net/community-downloads/'.
++At the time of writing, you can download OpenVPN on '[[https:~~/~~/openvpn.net/community-downloads/'.>>https://openvpn.net/community-downloads/'.]]
  Download the exe-file for Windows 10 and install OpenVPN.
  Start 'OpenVPN GUI'. You will get a message that no config file was found. But starting 'OpenVPN GUI' creates a directory to put the config files into.
@@ -107,7 +107,7 @@
  [[File:Openvpn-win10-4.png|center]]
--==MacOS (tunnelblick)==
++== MacOS (tunnelblick) ==
  First download the itp certificate [http://th.physik.uni-frankfurt.de/~thw/vpn/private-ca-itp.crt] and configuration file [http://th.physik.uni-frankfurt.de/~thw/vpn/all-via-itp.ovpn]. If a '.txt' was added to the configuration file name, remove the ending '.txt'. At the end the two files should normally be namend 'private-ca-itp.crt' and 'all-via-itp.ovpn'.
@@ -131,11 +131,12 @@
  In this case the configuration file and the certificate are located in '/Library/Application Support/Tunnelblick/Shared/all-via-itp.tblk/Contents/Resources'. If you need to edit or replace the configuration file or the certificate, this can be done in this directory. If there is just the configuration file in the directory, then copy the certificate to the in the log mentioned directory.
--==Problems changing the vpn settings in tunnelblick (macOS)==
++== Problems changing the vpn settings in tunnelblick (macOS) ==
--There were problems reported when switching in tunnelblick from the old vpn (vpn.th.physik.uni-frankfurt.de with tap) to the new one (vgw.itp.uni-frankfurt.de with tun). You also have this problem if, after applying the new configuration file itp.ovpn, the vpn does not work and the output contains a line containing 'vpn.th.physik.uni-frankfurt.de'. Search the output for a line beginning with '--config' and ending on '.ovpn'. This line specifies which configuration file (.ovpn) is used to establish the vpn connection and where it is located. Edit this file to have the same content as the itp.ovpn [http://th.physik.uni-frankfurt.de/~thw/vpn/itp.ovpn] (most likely the lines 2, 5 and 6 need to be edited).
++There were problems reported when switching in tunnelblick from the old vpn (vpn.th.physik.uni-frankfurt.de with tap) to the new one (vgw.itp.uni-frankfurt.de with tun). You also have this problem if, after applying the new configuration file itp.ovpn, the vpn does not work and the output contains a line containing 'vpn.th.physik.uni-frankfurt.de'. Search the output for a line beginning with '--config' and ending on '.ovpn'. This line specifies which configuration file (.ovpn) is used to establish the vpn connection and where it is located. Edit this file to have the same content as the itp.ovpn [http://th.physik.uni-frankfurt.de/~thw/vpn/itp.ovpn] (most likely the lines 2, 5 and 6 need to be edited).--
--==Warning in tunnelblick (macOS)==
++== Warning in tunnelblick (macOS) ==
++
  If you get the following warning, you can check the box and click OK.
  [[File:Tb-warn.png|center|500px]]
@@ -144,4 +144,3 @@
  When importing the configuration, the crt file is copied to somewhere in the system (see above). If you replace the crt file in your download or whatever folder it will not be used. The simpliest way to fix this is to delete the configuration from Tunnelblick and reimport it. Make sure the option "Route all traffic through the VPN" is checked (see instrcutions above).
  This is needed after the replacment of the CA certificate in Nov 2020. This lives for 5 years. Next replacment will be in 2025, if we are still using openVPN then.
--

Changes for page VPN Access

Summary

Details

Applications

Navigation