Roadwarrior to IPCOP via OpenVPN

This tutorial describes how to set up an OpenVPN connection between a roadwarrior and IPCOP using Zerina. Before we begin, make sure that your IPCOP setup does not use the following common private IP subnets:

  • 192.168.0.x/24
  • 192.168.1.x/24
  • 10.0.x.x/16

If your IPCOP setup does use one of the above subnets, change it before continuing. This prevents addressing conflicts when your roadwarrior is at a Wi-Fi hotspot that uses one of the above subnets.

  1. Download the latest version of Zerina. As of this writing, the latest stable version is ZERINA-0.9.4i.
  2. Copy Zerina to IPCOP
  3. From the console:
    • type ’tar -zxvf ZERINA-0.9.4i’ (or current version)
    • type ’./install’
  4. From the web interface, go to ’VPNs – OpenVPN’
    You may have to refresh the page before OpenVPN shows up.
  5. Under ’Global Settings’, enter the appropriate information
    • Make sure ’OpenVPN on RED’ is checked
      If you have Blue and/or Orange interfaces and want OpenVPN access on them, check those boxes as required.
    • Next to ’OpenVPN Subnet(e.g. 10.0.10.0/255.255.255.0)’ set a subnet that will not overlap with any IPCOP subnet or the above common subnets. I suggest you use something like 10.100.0.0/255.255.255.0.
    • Click ’Save’
  6. Under ’Certificate Authorities:’ click ’Generate Root/Host Certificates’
  7. Under ’Generate Root/Host Certificates:’ enter the appropriate information
    • Under ’Organization Name:’ enter your information
    • Under ’IPCOP’s Hostname:’ enter your IPCOP’s Red address or hostname
  8. Click ’Generate Root/Host Certificates’
    • Be patient, this step may take time
  9. Under ’Global Settings’ click ’Start OpenVPN Server’
  10. Under ’Client status and control:’ click ’Add’
  11. Under ’Connection Type’ select ’Host-to-Net Virtual Private Network (RoadWarrior)’ and click ’Add’
  12. Under ’Connection:’ enter the appropriate information
    • Next to ’Name:’ enter a name for the connection
    • Make sure ’Enabled’ is checked
    • Next to ’Remark’ enter a comment
  13. Under ’Authentication:’ enter the appropriate information
    • Select ’Generate a certificate:’
    • Next to ’User’s Full Name or System Hostname:’ enter the user’s name
    • Next to ’PKCS12 File Password:’ enter a password
      This password will be required before OpenVPN attempts to connect to IPCOP.
    • Next to ’PKCS12 File Password: (confirmation)’ re-enter your password
  14. Click ’Save’
  15. Repeat steps 10 through 14 for additional OpenVPN clients
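
The subnet check behind the opening note and step 5, as an added example that is not part of the original tutorial or of Zerina: it tests a candidate OpenVPN subnet against the common subnets listed above and against your IPCOP subnets. The function names and the 172.20.x.x IPCOP subnets are assumptions made for illustration.

```python
import ipaddress

# Ranges the tutorial says to avoid (10.0.x.x/16 written as 10.0.0.0/16).
COMMON_SUBNETS = ["192.168.0.0/24", "192.168.1.0/24", "10.0.0.0/16"]


def parse_net(text):
    """Parse CIDR (10.100.0.0/24) or the address/netmask form used by the
    OpenVPN Subnet field (10.100.0.0/255.255.255.0).

    strict=True raises ValueError when host bits are set, which catches
    typos such as 10.100.0.1/255.255.255.0.
    """
    return ipaddress.ip_network(text.strip(), strict=True)


def find_conflicts(candidate, ipcop_subnets, common=COMMON_SUBNETS):
    """Return (label, subnet) pairs that overlap the candidate subnet."""
    cand = parse_net(candidate)
    conflicts = []
    for label, nets in (("IPCOP", ipcop_subnets), ("common", common)):
        for text in nets:
            net = parse_net(text)
            if cand.overlaps(net):
                conflicts.append((label, str(net)))
    return conflicts


if __name__ == "__main__":
    # Constructed sample values: replace with your own GREEN/ORANGE/BLUE subnets.
    ipcop = ["172.20.1.0/24", "172.20.2.0/255.255.255.0"]
    for candidate in ("10.100.0.0/255.255.255.0",   # suggested in step 5
                      "10.0.10.0/255.255.255.0",    # inside 10.0.x.x/16
                      "172.20.2.128/255.255.255.128"):  # inside an IPCOP subnet
        hits = find_conflicts(candidate, ipcop)
        print(candidate, "->", "OK" if not hits else f"overlaps {hits}")
```

Run it on any workstation with Python 3 before filling in the ’OpenVPN Subnet’ field; an empty result means the candidate overlaps none of the listed subnets.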
howto/vpns/openvpnroad.txt · Last modified: 2008/09/24 00:12 by ds531