OpenVPN with xp & win7 clients
Odhiambo Washington
odhiambo at gmail.com
Mon Jul 18 09:28:40 UTC 2016
On 17 July 2016 at 23:18, Ernie Luzar <luzar722 at gmail.com> wrote:
> Odhiambo Washington wrote:
>
>
>>
>> On 17 July 2016 at 18:58, Ernie Luzar <luzar722 at gmail.com <mailto:
>> luzar722 at gmail.com>> wrote:
>>
>> Hello List;
>>
>> I travel outside of my home country a lot and can not access some
>> web site content because internet connection is from foreign ip
>> address range.
>>
>> I see many how-tos for installing and configuration VPN on a FreeBSD
>> host. But all most all of these how-tos assume the client will be a
>> FreeBSD box also. In my case I have 2 laptops I travel with, win xp
>> & win7. The official OpenVPN website does offer clients for xp &
>> win7 but configuration info is not available.
>>
>> Looking for how-to to setup VPN client on xp & win7.
>>
>>
>>
>> For Windows client, use the following:
>> http://download.securepoint.de/?d=Securepoint%20SSL%20VPN%20Client/v1.0.3
>>
>>
>>
>> The FreeBSD handbook has section on IPsec/VPN, but again it assumes
>> server and client is a FreeBSD host. Looking for how-to on setting
>> up IPsec/VPN on xp & win7.
>>
>>
>> For setting up the server, use the following: Use this link:
>> http://linoxide.com/linux-how-to/install-configure-openvpn-freebsd-10-2/
>>
>>
>> I have 2 concerns. How much hesitation will VPN inject into watching
>> tv programs or movies on my laptops in a foreign country? Will
>> IPsec/VPN inject longer hesitations?
>>
>>
>> I cannot tell about the latencies (I guess that is what you call
>> hesitation :-)) because I haven't tried it.
>>
>>
>> Can I use the remote VPN client to start the show streaming and then
>> have the VPN host record the program? Later down loading the program
>> file to my laptop for viewing?
>>
>>
>> That is beyond the scope of FreeBSD questions I guess :-)
>> But maybe someone has done it and will give you their story.
>>
>>
>>
>
> " For setting up the server, use the following: Use this link:
> http://linoxide.com/linux-how-to/install-configure-openvpn-freebsd-10-2/"
>
> That link content is out-dated. The openvpn port/pkg does not include the
> easy-rsa scripts build-ca, build-key-server, build-key, build-dh that are
> described in that how-too. The certificates are the backbone of security
> for VPN and without correct documentation that how-to is useless. To make
> things even worse, the easy-rsa port is lacking a manual page.
>
>
That link is very comprehensive, but also if you applied a little common
sense, you'd realize that you can install easy-rsa either using the pkg or
ports. That's what I did and things work so well.
root at waridi:/usr/local/etc/fail2ban # locate easy-rsa
/usr/ports/security/easy-rsa
/usr/ports/security/easy-rsa/Makefile
/usr/ports/security/easy-rsa/distinfo
/usr/ports/security/easy-rsa/files
/usr/ports/security/easy-rsa/files/easyrsa.in
/usr/ports/security/easy-rsa/pkg-descr
/usr/ports/security/easy-rsa/pkg-plist
/usr/ports/security/easy-rsa2
/usr/ports/security/easy-rsa2/Makefile
/usr/ports/security/easy-rsa2/distinfo
/usr/ports/security/easy-rsa2/pkg-descr
/usr/ports/security/easy-rsa2/pkg-plist
root at waridi:/usr/local/etc/fail2ban # pkg search -x easy-rsa
easy-rsa-3.0.1_1 Small RSA key management package based on
openssl
easy-rsa2-2.2.2 Small RSA key management package based on
openssl
root at waridi:/usr/local/etc/fail2ban #
I used that link and it works wonders. I have users roaming everywhere. All
I have to do is generate client certs for them, download it to their PCs,
install the VPN client, configure it (change tun to tap, enable lzo,
disable prompting for username/password) and voila!
Well, just search around for other HOWTOs.
--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft."
More information about the freebsd-questions
mailing list