Incode Systems Logo Incode Systems, Inc.
www.incodesystems.com
Please E-mail: webmaster [at] incodesystems.com if you have information to contribute.
(Last modified: Monday, September 4, 2017 2:06 pm)

OpenVPN is open source software that provides a secure way to connect to a remote local area network (LAN) from the internet. Once connected, all data to and from the client computer is encrypted. A VPN consists of Server software (on the LAN being accessed) and Client software (on the LAN or the computer accessing the remote LAN).

OpenVPN Server

OpenVPN Server may be installed on gateway computer that provides internet access to a Local Area Network (LAN), which is the network inside your building. Linux servers are often used as gateways. Specialized software configurations, like pfSense are usually dedicated to this purpose and provide firewall capabilites as well as an OpenVPN server built-in. A low cost way to setup an OpenVPN server is to use a router that can run OpenVPN server. The open source project DD-WRT is software that can be "flashed" to a number of inexpensive routers to provide OpenVPN server for a LAN. If your network already has an OpenVPN server, your network administrator can provide information about how to connect from your client machine(s).

OpenVPN Client

OpenVPN Client may be run from a gateware server on your LAN or software from your client machine. When run from the gateway, all computers in the LAN access the VPN as though on the same network. When client software is run, only the client has access to the VPN.

You need files from the VPN Server to connect your client to the VPN: {ServerName}.crt
{ClientName}.crt
{ClientName}.key

{ServerName}.ovpn is the name of a text file which is a configuration file used by the client to import the certificate (.crt) and key (.key) files above. Your network administrator can provide these files. A {ServerName}.ovpn may be created for new client by making a copy of an existing .ovpn file for another client and change the following lines in the file:

--------clip
ca {ServerName}.crt
cert {ClientName}.crt
key {ClientName}.key
--------clip

A .p12 file is a file that contains both the .crt and .key data, allowing a single import of the client files.

OpenVPN Android Client

OpenVPN Connect on Google Play Store is OpenVPN client software for your Android device (like your cell phone or tablet). Install this app like any other app, then:
- Copy all files described above to your device by downloading the files, cable your device to a computer and copy files, or use an app like ES File Explorer.
While you could email these files as attachments and save the attachments to your device, this is not recommended because these files would enable anyone to connect to your VPN and an ordinary internet email attachment is not a secure way to send a file. If email is your only practical option, encrypt files before attaching them. You could use a ZIP utility that supports password protection and use a long and strong password (suggest password length of 24 with random upper lower case, numbers and special characters like !@#$%). The Download directory may be used on your device as files may be deleted after they are imported)

- Open the OpenVPN app

- Select Menu / Import Profile from SD card
- Select the .ovpn file

- Select Menu / Import PKCS#12 from SD card
- Select the .p12 file