====== OpenVPN ======

**FreePBX OpenVPN**: http://wiki.freepbx.org/display/FPG/System+Admin+-+VPN+Server

OpenVPN is an SSL-based VPN technology that can run on both Linux and Windows systems.

^TUN |Routed Server  |
^TAP |Bridged Server |

===== Testing Connections =====

<file>
ifconfig

route -n

ping <hostname>

ping <host IP>

cat /etc/resolv.conf
</file>

===== Client =====

==== Routing ====

FIXME

You may find that the VPN connection pushes a new Default Route to your remote workstation.  This can wreak havoc on your VPN networking behavior...or it might be exactly what you want.

If you prefer **not** to route **all** traffic over the VPN connection, try **adding a route on the IPv4 tab** when editing the NetworkManager VPN connection. Try adding a route something like:

|**Setting Name**|**Setting Data**|**Description**|
|address|10.0.0.0|Network subnet behind VPN server|
|netmask|255.0.0.0|Netmask of subnet behind VPN server|
|gateway|10.0.0.1|Remote OpenVPN server's private IP address|
|metric|1000|Won't matter much unless thereare multiple routes to same subnet|
|Ignore automatically obtained routes|Selected (Checked)|Ignore routes pushed from VPN server|
|Use this connection only for resources on this network|Selected (Checked)|Use your local Internet connection for off-VPN resources|

==== Fedora 16 ====

http://www.linuxreaders.com/2010/12/09/openvpn-client-on-fedora/

=== Installation ===

Verify these packages are installed (probably by default):

<file>
sudo yum install openvpn NetworkManager-openvpn
</file>

=== Command Line ===

<file>
cd Dropbox/VPN/MER/
sudo openvpn filename.ovpn
</file>

=== NetworkManager GUI ===

Using NetworkManager for VPN connections is easy for users to manage and doesn't require root or sudo permissions.

:!: If a .ovpn file is provided, use it for clues to configure the NetworkManager VPN connection.

**Click NetworkManager icon -> Network Settings**

**Click + (Plus Symbol) -> VPN -> Create -> OpenVPN**

  * Name of Connection
  * Remote VPN Server (Gateway)
  * Certificates (TLS)
  * Browse to certificate (.p12 file) assigned by OpenVPN admin
    * You might store your VPN configuration files and certs in a Dropbox folder
  * Password assigned by OpenVPN admin
  * Advanced
    * General Tab
      * Use LZO Compression
      * Use Custom MTU - 1400
    * Security Tab
      * Cipher - BF-CBC