Line 1: |
Line 1: |
| + | <table class="nd-othertables_2"> |
| + | <tr> |
| + | <th width="325;" style="border-bottom: 1px solid white;"></th> |
| + | <th rowspan="2;" width="820;" style="border-bottom: 1px solid white;">[[File:Networking rutxxx configuration openvpn topology v1.png|alt=|border|class=tlt-border|right|750x750px]]</th> |
| + | </tr> |
| + | <tr> |
| + | <td style="border-bottom: 1px solid white"> |
| + | {| align="center" |
| + | |__TOC__ |
| + | |} |
| + | </td> |
| + | </tr> |
| + | </table> |
| + | |
| ==Configuration overview and prerequisites== | | ==Configuration overview and prerequisites== |
| | | |
Line 9: |
Line 23: |
| When the scheme is realized, home workers will be able to reach the corporation’s internal network with all internal systems, allowing working from home to be possible. | | When the scheme is realized, home workers will be able to reach the corporation’s internal network with all internal systems, allowing working from home to be possible. |
| | | |
− | ==Configuring OpenVPN from the client-side== | + | ==Configuring OpenVPN from the client-side == |
| ===TLS Certificates=== | | ===TLS Certificates=== |
| *Firstly generate TLS certificates on your Windows Computer, you can find instructions on how to do it [[How to generate TLS certificates (Windows)?|here]]. | | *Firstly generate TLS certificates on your Windows Computer, you can find instructions on how to do it [[How to generate TLS certificates (Windows)?|here]]. |
| *After you've successfully generated TLS certificates you will need to create a '''.ovpn''' file for storing client configurations. Simply open any text editor and follow [[OpenVPN client on Windows|this]] tutorial. | | *After you've successfully generated TLS certificates you will need to create a '''.ovpn''' file for storing client configurations. Simply open any text editor and follow [[OpenVPN client on Windows|this]] tutorial. |
− | *'''Important: in your .ovpn file certificates you will need to copy are:'''[[File:Ovpn1.png|frame]] | + | *'''Important: in your .ovpn file certificates you will need to copy are:''' |
− | **In '''<ca> </ca>''' paste whole certificate from '''/easy-rsa/pki/ca.crt'''
| + | *In '''<ca> </ca>''' paste whole certificate from '''/easy-rsa/pki/ca.crt''' |
− | **IN '''<cert></cert>''' paste whole certificate from '''/easy-rsa/pki/issued/"your_client_name".crt'''
| + | *IN '''<cert></cert>''' paste whole certificate from '''/easy-rsa/pki/issued/"your_client_name".crt''' |
− | **And in the last section '''<key></key>''' paste whole private key from '''/easy-rsa/pki/private/"your_client_name".key'''
| + | * And in the last section '''<key></key>''' paste whole private key from '''/easy-rsa/pki/private/"your_client_name".key''' |
− | **One more thing to change in your .ovpn file is to change the IP address to your router's '''public IP address:'''
| + | *One more thing to change in your .ovpn file is to change the IP address to your router's '''public IP address''' |
| + | [[File:Networking rutxxx configuration openvpn certification file.jpg|alt=|border|class=tlt-border]] |
| | | |
| + | *Now you can '''Save''' and '''Import''' your '''.ovpn''' file to the OpenVPN client by right-clicking on OpenVPN GUI in the hidden icons tray and navigating to '''Import → Import File'''. |
| + | [[File:Networking rutxxx configuration certificate import.jpg|alt=|border|class=tlt-border]] |
| | | |
| + | Do not connect yet to your VPN client, we still have to configure the server. |
| | | |
| + | ==Configuring OpenVPN from the server-side== |
| + | <table class="nd-othertables_2"> |
| + | <tr> |
| + | <th width="355;" style="border-bottom: 1px solid white;"></th> |
| + | <th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Rutos_OpenVPN_7,8_Add_server.png|alt=|right|770x770px]]</th> |
| + | </tr> |
| + | <tr> |
| + | <td style="border-bottom: 1px solid white;"> |
| + | Login to the router's WebUI and navigate to the '''Services → VPN → OpenVPN''' page and do the following: |
| + | <ol> |
| + | <li>Enter a '''custom configuration name'''</li> |
| + | <li>Select '''Role: Server'''. |
| + | </li> |
| + | <li>Click the '''Add''' button.</li> |
| + | </ol> |
| + | </td> |
| + | </tr> |
| + | </table> |
| | | |
− | *Now you can import your '''.ovpn''' file to the OpenVPN client by right-clicking on OpenVPN GUI in the hidden icons tray and navigating to '''Import > Import File'''. | + | <br> |
− | [[File:Ovpn2.png|left|thumb|336x336px]]
| + | ----<table class="nd-othertables_2"> |
− | | + | <tr> |
| + | <th width="355;" style="border-bottom: 1px solid white;"></th> |
| + | <th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Rutos_OpenVPN_7,8_Add_server_config.png|alt=|border|right|770x770px]]</th> |
| + | </tr> |
| + | <tr> |
| + | <td style="border-bottom: 1px solid white"> |
| + | <ol> |
| + | * '''Enable''' OpenVPN instance. |
| + | * In '''Virtual network IP address''' type: '''192.168.15.0''' |
| + | * '''Virtual network netmask''' select: '''255.255.255.0''' |
| + | </ol> |
| + | </td> |
| + | </tr> |
| | | |
| + | </table> |
| + | ---- |
| + | <br> |
| + | <table class="nd-othertables_2"> |
| + | <tr> |
| + | <th width="355;" style="border-bottom: 1px solid white;"></th> |
| + | <th rowspan="2" width="790;" style="border-bottom: 1px solid white;">[[File:Rutos_OpenVPN_7,8_Add_server_config_2.png|alt=|border|right|770x770px]]</th> |
| + | </tr> |
| + | <tr> |
| + | <td style="border-bottom: 1px solid white"> |
| + | <ol> |
| + | * The last thing left to do is to upload '''Certificates''', firstly upload '''Certificate authority''' ('''ca.crt''' file) |
| + | * Upload '''Server certificate''' ('''server.crt''' file) |
| + | * Upload '''Server key''' ('''server.key''' file) |
| + | * Press '''SAVE & APPLY''' button |
| + | * Leave everything else as default |
| + | </ol> |
| + | </td> |
| + | </tr> |
| + | </table> |
| + | ---- |
| + | ==Connecting to the OpenVPN server == |
| | | |
| + | If everything was configurated correctly your OpenVPN server should be '''Active''': |
| + | [[File:Rutos_OpenVPN_7,8_status_server.png|alt=|border|1008x1008px|class=tlt-border]] |
| | | |
| + | Now let's try to connect from a '''client''' to the '''server'''. |
| | | |
| + | On your Windows machine right-click on '''OpenVPN GUI''' '''→''' Select your client → Press Connect |
| | | |
| + | [[File:Networking rutxxx configuration openvpn connect to the client.jpg|alt=|border|class=tlt-border]] |
| | | |
| + | If the connection was successful then you will get the following notification: |
| | | |
| + | [[File:Networking rutxxx configuration successful connection.jpg|alt=|border|class=tlt-border]] |
| | | |
− | Do not connect yet to your vpn client, we still have to configure the server.
| + | To test if the connection is working properly on your Windows machine open '''CMD''' and type ping '''192.168.15.1''' (server's VPN IP) you should get a similar response: |
| | | |
− | ==Configuring OpenVPN from the server-side==
| + | [[File:Networking rutxxx configuration cmd ping to the server.jpg|alt=|border|class=tlt-border]] |
− | *Firstly open your router's WebUI and navigate to '''Services > VPN > OpenVPN'''
| |
− | *
| |