The ACM hosts 3 different VPNs for accessing our local network that vary by purpose.
Typical Use of each network
For access to VPN 2 (User Auth), just download this zip file and follow the directions below.
For access to VPN 1 (Host Based), email sigsysadmin@acm.cs.uic.edu with a request. Include your ACM login and the host name of your machine. The needed files will be sent to you and the setup will be about the same.
These instructions cover the setup of the user auth VPN. Setup for the host auth VPN is the same, except that a couple of file names are different. If you need to use the ACM's internal DNS servers, please read the last section.
Download the latest version of the OpenVPN installer from http://openvpn.net/index.php/open-source/downloads.html
Select the one that says “Windows Installer” in the first field of the table
(Currently version 2.2.2 as of June 18 2012)
Run the installer; the defaults should be fine
Go to start » Programs » OpenVPN » Shortcuts » OpenVPN configuration file directory
Copy the files from the zip file into that configuration directory, this should include:
Edit the file 'passwd' in notepad to have your UIC ACM username as the first line and your ACM password as the second line. This will prevent you from needing to enter your password each time, but the password is then stored on disk in plaintext. (If you do not want to save your login this way, then edit the line in the client.ovpn file that says 'auth-user-pass passwd' to say 'auth-user-pass')
Run “OpenVPN GUI” AS ADMIN, OTHERWISE THE ROUTING WILL NOT WORK CORRECTLY
Double click the OpenVPN GUI icon in your taskbar, or right click the icon and then click 'connect' (you will be prompted for your password if you did not use the passwd file)
You should now be connected.
Download the latest Viscosity client from https://webstore.illinois.edu/shop/product.aspx?zpid=2637
Download the following file: ACM OVPN file
It should say “Connection Imported Viscosity has successfully imported the connection”.
Click the Viscosity Icon and select the UIC-ACM-VPN. This will start the connection with ACM VPN server.
A prompt should pop up asking you to enter your UICACM AD credentials
You should now be connected.
Install the OpenVPN client from your distro's official package repos
On Ubuntu:
sudo apt-get install openvpn
On Arch:
sudo pacman -S openvpn
Unzip the files and put them in a directory of your choice, or inside the /etc/openvpn directory if you are using the OpenVPN client daemon and want this VPN connection to be started automatically
unzip acmuserauthvpn.zip
Edit the file 'passwd' in a text editor to have your UIC ACM username as the first line and your ACM password as the second line. This will prevent you from needing to enter your password each time, but the password is then stored on disk in plaintext. (If you do not want to save your login this way, then edit the line in the client.conf file that says 'auth-user-pass passwd' to say 'auth-user-pass')
To connect, run this command inside that directory
sudo openvpn client.conf
Enter your ACM user credentials, if prompted
You should now be connected
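A pre-connection check for the Linux setup above, as an added example that is not part of the original wiki page: it verifies that the file named on the 'auth-user-pass' line of client.conf exists, holds a username and a password, and is accessible only to its owner. The function name check_vpn_creds is hypothetical, and relative file names are assumed to resolve against the config directory because the page runs openvpn from inside it.

```shell
# Added example, not from the ACM wiki. check_vpn_creds is a hypothetical helper.
# Usage: check_vpn_creds DIR   (DIR holds client.conf)
# Returns 0 if clean, 1 if a problem was reported, 2 if client.conf is unreadable.
check_vpn_creds() {
    dir=$1
    conf="$dir/client.conf"
    [ -r "$conf" ] || { echo "error: cannot read $conf"; return 2; }

    # File named on the auth-user-pass line; empty means OpenVPN prompts instead.
    authfile=$(awk '$1 == "auth-user-pass" { print $2; exit }' "$conf" | tr -d '\r')
    if [ -z "$authfile" ]; then
        echo "ok: no credentials file configured, OpenVPN will prompt"
        return 0
    fi

    # Assumption: relative names resolve against DIR, because the page says
    # to run openvpn from inside that directory.
    case $authfile in
        /*) path=$authfile ;;
        *)  path="$dir/$authfile" ;;
    esac
    [ -f "$path" ] || { echo "error: $path is missing"; return 1; }

    rc=0
    # Line 1 is the username, line 2 the password; strip CRs left by Windows editors.
    user=$(sed -n 1p "$path" | tr -d '\r')
    pass=$(sed -n 2p "$path" | tr -d '\r')
    if [ -z "$user" ] || [ -z "$pass" ]; then
        echo "error: $path needs a username on line 1 and a password on line 2"
        rc=1
    fi

    # The password is stored in cleartext, so group/other must have no access.
    # Characters 5-10 of the ls mode string are the group and other bits.
    perms=$(ls -ld "$path" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "warn: $path is accessible beyond its owner; run: chmod 600 '$path'"
        rc=1
    fi

    if [ "$rc" -eq 0 ]; then echo "ok: $path looks sane"; fi
    return "$rc"
}
```

Source the file and call check_vpn_creds with the directory you unzipped into (for example /etc/openvpn) before running sudo openvpn client.conf.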
Currently when connecting to the internal network via the VPN, your machine will not be automatically reconfigured to use our internal DNS servers for name resolution. This means that you will need to know the internal IP of any machine you wish to connect to inside the ACM network. In order to use our DNS service, you will need to set the DNS servers for the virtual interface manually. Please consult the documentation for your specific operating system configuration on how to manually set the DNS server you are using.
The valid servers are listed below
172.29.13.10 172.29.13.11 172.29.17.12
This contains instructions for server side operations
All server configs live on dvorak in the /etc/openvpn directory. Iptables on the server also needs to allow forwarding from the VPN interfaces tun0, tun1, and tun2.
The gw redirect VPN follows the same procedure, except the directory is /root/easy-rsa-host-gw for the key gen
Untested
Follow the directions here
http://openvpn.net/index.php/open-source/documentation/howto.html
Under: “Revoking Certificates”
You may need to update the server config as mentioned in the How To