mirror/openvpn-install
1
0
Fork 0
mirror of https://github.com/Nyr/openvpn-install.git synced 2024-11-24 05:56:08 +03:00
Code Issues Projects Releases Wiki Activity
7d6e9bf1e1
openvpn-install/Documentation/client-ssl.md

4.7 KiB
Raw Blame History

Client Setup: OpenVPN over SSL

Table of Contents

Windows

  • Configure stunnel
    • Download and install stunnel
    • Copy stunnel.conf and stunnel.crt to the config folder in stunnel's install directory.
      • On 64-bit Windows systems, stunnel's install directory is C:\Program Files (x86)\stunnel, unless you changed it during installation.
      • On 32-bit Windows systems, stunnel's install directory is C:\Program Files\stunnel, unless you changed it during installation.
    • Start stunnel by launching stunnel GUI start from the Start Menu
    • Locate the stunnel icon in the Task Bar, right click, and select Edit Configuration
    • Copy everything in stunnel.conf and paste into the stunnel configuration file. Save and close it after editing.
    • Right click on the stunnel icon again, and select Reload Configuration
  • Configure OpenVPN
    • Download and install OpenVPN
    • Start OpenVPN GUI from the Start Menu
    • Locate the OpenVPN icon in the Task Bar, right click, and select Import file...
    • Select your OVPN file
    • Right click on the OpenVPN icon again, and select Connect
  • To disconnect
    • Locate the OpenVPN icon in the Task Bar, right click, and select Disconnect
    • Locate the stunnel icon in the Task Bar, right click, and select Exit

MacOS

  • Configure stunnel

    • Install Homebrew

    • Install stunnel via Homebrew by running this in Terminal:

      brew install stunnel

    • Open stunnel.conf with a text editor (e.g. TextEdit), locate this line:

      CAfile = /etc/stunnel/stunnel.crt

      Replace the entire line with:

      CAfile = /usr/local/etc/stunnel/stunnel.crt

    • Configure and start stunnel

      # In order to run these, you need to log in to your Mac with an administrator account. 
# When prompted for password, enter the password of the current user,

# Run this in the directory that contains 'stunnel.conf' and 'stunnel.crt'
sudo cp stunnel.conf stunnel.crt /usr/local/etc/stunnel/
# Start stunnel
sudo stunnel

  • Configure OpenVPN

    • Download and install Tunnelblick
    • Locate your OVPN file in Finder, and double-click to open it.
    • Locate the Tunnelblick icon on the top-right corner. Click on it, and select the server you want to connect to.

  • To disconnect

    • Locate the Tunnelblick icon on the top-right corner. Click on it, and select Disconnect All.
    • To stop stunnel, run this in Terminal: sudo killall stunnel

Linux

  • Install stunnel and openvpn on your device.

    # Debian/Ubuntu
sudo apt install -y stunnel openvpn

# CentOS/RHEL
sudo yum install -y epel-release
sudo yum install -y stunnel openvpn

# Fedora
sudo dnf install -y stunnel openvpn

  • Configure and start stunnel

    # Run this in the directory that contains 'stunnel.conf' and 'stunnel.crt'
sudo cp stunnel.conf stunnel.crt /etc/stunnel/
# Start stunnel
sudo stunnel

  • Connect to OpenVPN

    # Run this in the directory that contains your OVPN file
# Replace 'client' with your OVPN filename
openvpn --config client.ovpn

  • To disconnect

    # Stop OpenVPN
sudo killall openvpn

# Stop stunnel
sudo killall stunnel

Android

  • OpenVPN is supported on Android, but OpenVPN over SSL support isn't very good.
  • If you installed OpenVPN without SSL, see Client Setup: OpenVPN

iOS

  • OpenVPN is supported on iOS, but OpenVPN over SSL is not supported.
  • If you installed OpenVPN without SSL, see Client Setup: OpenVPN

Troubleshooting

  • If you're unable to connect to your server with OpenVPN...

    • Please check if stunnel is running on your device.

      • On Windows, check if the stunnel icon is present in the Task Bar (bottom right).
      • Run this to check on MacOS or Linux (both client and server)
      # You should see stunnel in the output
ps -A | grep stunnel

    • Also check if both stunnel and OpenVPN are running on your server.

      # You should see stunnel in the output
ps -A | grep stunnel

# You should see openvpn in the output
ps -A | grep openvpn

    • If you still can't connect, try removing and reinstalling OpenVPN on your server.

      • Run the install script and select Uninstall
      • Run the install script again and make sure you enter the correct information.