229
edits
Changes
Connecting to the office network remotely from your home via VPN (OpenVPN) using RUTX (view source)
Revision as of 13:49, 5 August 2024
, Yesterday at 13:49no edit summary
<table class="nd-othertables_2">
<tr>
<th width="325;" style="border-bottom: 1px solid white;"></th>
<th rowspan="2;" width="820;" style="border-bottom: 1px solid white;">[[File:Networking rutxxx configuration openvpn topology v1.png|alt=|border|class=tlt-border|right|750x750px]]</th>
</tr>
<tr>
<td style="border-bottom: 1px solid white">
{| align="center"
|__TOC__
|}
</td>
</tr>
</table>
==Configuration overview and prerequisites==
==Configuration overview and prerequisites==
When the scheme is realized, home workers will be able to reach the corporation’s internal network with all internal systems, allowing working from home to be possible.
When the scheme is realized, home workers will be able to reach the corporation’s internal network with all internal systems, allowing working from home to be possible.
==Configuring OpenVPN from the client-side==
==Configuring OpenVPN from the client-side ==
===TLS Certificates===
===TLS Certificates===
*Firstly generate TLS certificates on your Windows Computer, you can find instructions on how to do it [[How to generate TLS certificates (Windows)?|here]].
*Firstly generate TLS certificates on your Windows Computer, you can find instructions on how to do it [[How to generate TLS certificates (Windows)?|here]].
*In '''<ca> </ca>''' paste whole certificate from '''/easy-rsa/pki/ca.crt'''
*In '''<ca> </ca>''' paste whole certificate from '''/easy-rsa/pki/ca.crt'''
*IN '''<cert></cert>''' paste whole certificate from '''/easy-rsa/pki/issued/"your_client_name".crt'''
*IN '''<cert></cert>''' paste whole certificate from '''/easy-rsa/pki/issued/"your_client_name".crt'''
*And in the last section '''<key></key>''' paste whole private key from '''/easy-rsa/pki/private/"your_client_name".key'''
* And in the last section '''<key></key>''' paste whole private key from '''/easy-rsa/pki/private/"your_client_name".key'''
*One more thing to change in your .ovpn file is to change the IP address to your router's '''public IP address'''
*One more thing to change in your .ovpn file is to change the IP address to your router's '''public IP address'''
[[File:Ovpn1.png|border|class=tlt-border]]
[[File:Networking rutxxx configuration openvpn certification file.jpg|alt=|border|class=tlt-border]]
*Now you can '''Save''' and '''Import''' your '''.ovpn''' file to the OpenVPN client by right-clicking on OpenVPN GUI in the hidden icons tray and navigating to '''Import → Import File'''.
*Now you can '''Save''' and '''Import''' your '''.ovpn''' file to the OpenVPN client by right-clicking on OpenVPN GUI in the hidden icons tray and navigating to '''Import → Import File'''.
[[File:Ovpn2.png|border|class=tlt-border]]
[[File:Networking rutxxx configuration certificate import.jpg|alt=|border|class=tlt-border]]
Do not connect yet to your VPN client, we still have to configure the server.
Do not connect yet to your VPN client, we still have to configure the server.
<tr>
<tr>
<th width="355;" style="border-bottom: 1px solid white;"></th>
<th width="355;" style="border-bottom: 1px solid white;"></th>
<th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Ovpn3.png|alt=|right|770x770px|border]]</th>
<th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Rutos_OpenVPN_7,8_Add_server.png|alt=|right|770x770px]]</th>
</tr>
</tr>
<tr>
<tr>
<td style="border-bottom: 1px solid white;">
<td style="border-bottom: 1px solid white;">
Login to the router's WebUI and navigate to the '''Services → VPN → OPENVPN''' page and do the following:
Login to the router's WebUI and navigate to the '''Services → VPN → OpenVPN''' page and do the following:
<ol>
<ol>
<li>Enter a '''custom configuration name'''</li>
<li>Enter a '''custom configuration name'''</li>
</li>
</li>
<li>Click the '''Add''' button.</li>
<li>Click the '''Add''' button.</li>
</ol>
</ol>
</td>
</td>
</tr>
</tr>
</table>
</table>
<br>
<br>
<tr>
<tr>
<th width="355;" style="border-bottom: 1px solid white;"></th>
<th width="355;" style="border-bottom: 1px solid white;"></th>
<th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Ovpn4.png|alt=|right|770x770px|border]]</th>
<th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Rutos_OpenVPN_7,8_Add_server_config.png|alt=|border|right|770x770px]]</th>
</tr>
</tr>
<tr>
<tr>
<td style="border-bottom: 1px solid white">
<td style="border-bottom: 1px solid white">
<ol>
<ol>
* '''Enable''' OpenVPN instance.
* In '''Virtual network IP address''' type: '''192.168.15.0'''
* '''Virtual network netmask''' select: '''255.255.255.0'''
</ol>
</td>
</td>
</tr>
</tr>
</table>
</table>
----
<br>
<br>
<table class="nd-othertables_2">
<tr>
<tr>
<th width="355;" style="border-bottom: 1px solid white;"></th>
<th width="355;" style="border-bottom: 1px solid white;"></th>
<th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Ovpn5.png|alt=|right|770x770px|border]]</th>
<th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Rutos_OpenVPN_7,8_Add_server_config_2.png|alt=|border|right|770x770px]]</th>
</tr>
</tr>
<tr>
<tr>
<td style="border-bottom: 1px solid white">
<td style="border-bottom: 1px solid white">
<ol>
<ol>
* The last thing left to do is to upload '''Certificates''', firstly upload '''Certificate authority''' ('''ca.crt''' file)
* Upload '''Server certificate''' ('''server.crt''' file)
* Upload '''Server key''' ('''server.key''' file)
* Press '''SAVE & APPLY''' button
* Leave everything else as default
</ol>
</td>
</td>
</tr>
</tr>
</table>
</table>
----
----
==Connecting to the OpenVPN server==
==Connecting to the OpenVPN server ==
If everything was configurated correctly your OpenVPN server should be '''Active''':
If everything was configurated correctly your OpenVPN server should be '''Active''':
[[File:Ovpn6.png|border|class=tlt-border|1008x1008px]]
[[File:Rutos_OpenVPN_7,8_status_server.png|alt=|border|1008x1008px|class=tlt-border]]
Now let's try to connect from a '''client''' to the '''server'''.
Now let's try to connect from a '''client''' to the '''server'''.
On your Windows machine right-click on '''OpenVPN GUI''' '''→''' Select your client → Press Connect
On your Windows machine right-click on '''OpenVPN GUI''' '''→''' Select your client → Press Connect
[[File:Ovpn7.png|alt=|border|class=tlt-border]]
[[File:Networking rutxxx configuration openvpn connect to the client.jpg|alt=|border|class=tlt-border]]
If the connection was successful then you will get the following notification:
If the connection was successful then you will get the following notification:
[[File:Ovpn8.png|alt=|border|class=tlt-border]]
[[File:Networking rutxxx configuration successful connection.jpg|alt=|border|class=tlt-border]]
To test if the connection is working properly on your Windows machine open '''CMD''' and type ping '''192.168.15.1''' (server's VPN IP) you should get a similar response:
To test if the connection is working properly on your Windows machine open '''CMD''' and type ping '''192.168.15.1''' (server's VPN IP) you should get a similar response:
[[File:Cmd_ping.png|alt=|border|class=tlt-border]]
[[File:Networking rutxxx configuration cmd ping to the server.jpg|alt=|border|class=tlt-border]]