Mettle Knowledge
Search:     Advanced search
Browse by category:

SSL VPN Client: Windows Client Configuration

Views: 1707
Votes: 0
Posted: 03 Aug, 2012
by: Knowledge M.
Updated: 17 Apr, 2013
by: Knowledge M.
Getting the SSL certificates from MettleSE

Go to Tools > Certificate Authority Manager > CA
  • Click on the Inverted Triangle next to the corresponding Certificate used in SSL VPN
  • Click Export CA to download the CA Certificate.

Then Go Tools > Certificate Authority Manager > Certificates

  • Click on the Inverted Triangle next to the corresponding User Certificate that you wish to Export.
  • Click Export Certificate to download the User Certificate.
  • Click Export Certificate Key to download the User Key.
Installation and Configuration of OpenVPN Clients in Windows
  • Download the SSL VPN client Installation setup file from http://openvpn.se/download.html.
  • If you have a previous version of the client installed close the program and make sure no user logged into th system is using the VPN client.
  • Run the client installtion program. During installation you can choose if the program should be started automatically at system startup. The default is yes.
  • Create a config.ovpn configuration file with a simple texteditor and save it in: C:\Program files\OpenVPN\config\
  • Copy the previously downloaded client.crt, client.key and ca.crt obtained to C:\Program Files\OpenVPN\config\
Add the following lines to the config.ovpn configuration file

    client
    dev tun
    proto udp
    remote <VPN Server IP> 1194
    resolv-retry infinite
    nobind
    persist-key
    ca ca.crt
    cert client.crt
    key client.key
    cipher AES-128-CBC
    comp-lzo
    verb 5

Note : If the Certificates and Key files are downloaded into the 'config' directory, then the above configuration is enough.
If they are copied into some other directory, the path is to be specified in the following format.

ca "C:\\Path\\to\\ca.crt"
cert "C:\\Path\\to\\client.crt"
key "C:\\Path\\to\\client.key"

The separator '\\' is to be used between the directory names. \\ is intentional.

Connecting to the SSL VPN server

To initiate the SSL VPN tunnel following the creation of the client configuration files:
  • Right click on the SSL VPN client program icon in the Notification Area
  • Select the newly created client configuration
  • Click Connect.
  • Once established, the SSL VPN icon will display a message notifying of the successful connection and assigned IP.
Also read
document SSL VPN: If SSL VPN Clients Want to Access a Subnet other than "Local network"
document SSL VPN: To exclude some Network from using VPN gateway when VPN is set as default gateway for VPN client
document Setting Up SSL-VPN Server
document SSL VPN Client Certificate Creation

Others in this Category
document Choosing a VPN Technology
document SSL VPN: If SSL VPN Clients Want to Access a Subnet other than "Local network"
document SSL VPN Troubleshooting
document SSL VPN: To make SSL VPN client use VPN as the Default Gateway
document SSL VPN: To exclude some Network from using VPN gateway when VPN is set as default gateway for VPN client
document Setting Up SSL-VPN Server
document SSL VPN Client Certificate Creation
document Configuring Client-less SSL VPN



RSS