[ previous ] [ next ] [ threads ]
 
 From:  Vincent Fleuranceau <vincent at bikost dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: AW: [m0n0wall] VPN between 2 M0n0wals
 Date:  Thu, 28 Oct 2004 09:59:17 +0200 
-------- Original Message --------

> As far as I know it should work with OpenVPN which is supported in
> the latest beta 1.2b2. I´m also trying to get this configuration
> running, but I´m not really sure how to generate the needed
> certificates. Maybe someone could write a nice Howto and which
> certificate is needed for what purpose and how to create the
> certificates. I downloaded the OpenVPN-Win32-Implementation and was
> able to generate a key, but there are some other things needed for
> the tunnel, which I don´t know how to get.

Holger,

To get started, you can test your config with the certificates and keys 
provided with the Linux version of OpenVPN (openvpn-2.0_beta12.tar.gz): 
they are in the "sample-keys" folder. If I remember, these files are not 
provided in the Windows openvpn-2.0_beta11-install.exe file...

NOTE: These keys are for testing purposes only.
       Don't use these keys for any real work as they
       are totally insecure!

On the server:

  tmp-ca.crt -> CA certificate
  server.crt -> Server certificate
  server.key -> Server key
  dh1024.pem -> DH parameters

On the client:

  tmp-ca.crt -> CA certificate
  client.crt -> Client certificate
  client.key -> Client key


NOTE: when you generate and validate your own certificates and keys,
       the files may have different names and extensions.

Tell us what else you need to know. I'll see if I can help. But as I've 
mentioned earlier, I have *not* managed to get my m0n0 <--> m0n0 setup 
work. I can only tell you what I've gathered from my own experiments. In 
particular, I can tell you I've experienced PATH related problems with 
the .bat files when OpenVPN was installed in the "Program Files" folder 
(default location) on my Windows 2000 workstation...

Finally, I (or someone else) may one day write something about OpenVPN 
support in m0n0wall. But that does not prevent anyone from searching for 
and reading the available docs. And I'm not sure your questions are 
m0n0wall 100% specific, so I recommend to read the available documents 
at: http://openvpn.sourceforge.net/articles.html

Cheers,

-- Vincent