|
||||||||
> I am trying to get the OpenVPN part to work, but having some problems. I > created a CA and server cert and pasted it in the M0n0 config - that is not > a problem. But I am getting mixed up when it comes with the client > configuration. I am using the OpenVPN GUI for Windows and set the config > file on the PC like in the M0n0 OpenVPN example. In the file I am supposed > to specify the certs for the CA, the client cert and the client key. Am I > correct to assume that I must then get the CA cert on all the client > machines? > On the client you need a CA cert (the same as the one you installed on the m0n0). You need an SSL client cert issued by that CA and a matching private key. Does that make sense to you? If you are using windoze, then I am not sure how to do this, as I have only ever created certs on a 'nix box. As you have the server side certs then use the same mechanism to create a client cert (just give the client a name is all you need). > Also, can I specify the same port (default 5000) in the config file? Or > must it be 5000, the next one 5001, etc? > The client port is unimportant - just don't specify anything and the OS will assign an unused port. Don't forget to allow incoming UDP to 5000 on the m0n0. > Is there a way to do this without having to visit each client machine? If you are using windoze I doubt it (unless you have SMS maybe). > How does this tie in with Radius authentication? > It doesn't tie in at all - RADIUS is not used by OpenVPN. I suggest that you take a look at some of the tutorials on the OpenVPN site. Peter -- ---------------------------------------------------------------------------- Peter Curran Leveraging Internet Technology Close Consultants for Businesses p: +44-1225-463700 f: +44-1225-463705 e: peter at closeconsultants dot com sip: peter at closeconsultants dot com -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. |