| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| general:open_vpn [2023-05-19 12:01] – Markus Rosenstihl | general:open_vpn [2025-01-23 20:02] (current) – [Windows] Markus Rosenstihl |
|---|
| ==== Windows ==== | ==== Windows ==== |
| This will install a preconfigured client: | This will install a preconfigured client: |
| * {{ :general:openvpn-arkani-udp4-1196-install-2.5.2-i601-amd64.exe | 64-bit}} | * {{ :general:openvpn-arkani-udp4-1196-install-2.6.7-i001-amd64.exe | Version 2.6.7 (64-bit)}} |
| * {{ :general:openvpn-arkani-udp4-1196-install-2.5.2-i601-x86.exe | 32-bit}} | * {{ :general:openvpn-arkani-udp4-1196-install-2.5.8-i604-amd64.exe | Version 2.5.8 (64-bit)}} |
| | * {{ :general:openvpn-arkani-udp4-1196-install-2.5.8-i604-x86.exe | Version 2.5.8 (32-bit)}} |
| | |
| | |
| | DO NOT USE {{ :general:arkani-udp4-1194-config.ovpn |}} |
| ==== Mac OS X ==== | ==== Mac OS X ==== |
| Install the [[https://openvpn.net/client-connect-vpn-for-mac-os/|official OpenVPN Client for Mac]] and load the configuration {{:general:arkani-udp4-1196-ios-config.ovpn|file}}. (Note: Tunnelblick may also work, but users reported problems since spring 2022). | Install the [[https://openvpn.net/client-connect-vpn-for-mac-os/|official OpenVPN Client for Mac]] and load the configuration {{:general:arkani-udp4-1196-ios-config.ovpn|file}}. (Note: Tunnelblick may also work, but users reported problems since spring 2022). |
| |
| ==== Linux ==== | ==== Linux ==== |
| Install network-manager-openvpn and/or network-manager-openvpn-gnome. Then you can load the configuration:{{:general:arkani-udp4-1196-config.ovpn|file}} | Install network-manager-openvpn and/or network-manager-openvpn-gnome. Then you can load the configuration bundle: |
| | |
| | {{ :general:arkani-udp4-1196-bundle.ovpn }} |
| | |
| | (Note: the file before 2024-02-02 had the certificates missing) |
| |
| {{:general:import_openvpn.png?400|}} | {{:general:import_openvpn.png?400|}} |
| |
| ==== Android/iOS ==== | ==== Android/iOS ==== |
| Install [[https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=en&gl=US|OpenVPN Connect]]. Then you can download the configuration {{:general:arkani-udp4-1196-ios-config.ovpn|file}} and import it in the app. | Install [[https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=en&gl=US|OpenVPN Connect]]. Then you can download the configuration {{:general:arkani-udp4-1196-ios-config.ovpn|arkani-udp4-1196-ios-config.ovpn}} and import it in the app. |
| | |
| | ==== ChromeOS (Flex) ==== |
| | |
| | For ChromeOS use the OpenVPN Connect client (see Android). |
| | For ChromeOS Flex, when you can not install the OpenVPN Connect Client, use {{ :general:ipkm.onc.txt |this}} configuration. Rename it to ''ipkm.onc'', then import the file by browsing with Chrome to [[chrome://network]]. |
| | |
| | {{:general:screenshot_2024-01-05_09.07.57.png?nolink&400|}} |
| | {{:general:screenshot_2024-01-05_09.09.36.png?nolink&400|}} |
| | ===== Access to your desktop ===== |
| | |
| | * For the Vogel group follow this [[agvogel:remote_access|link]] |
| | |
| | You can use [[https://rustdesk.com/|"RustDesk"]] on Linux, Mac, IOS, Android and Windows. In order to make it secure please change the default configuration so that your PC in the IPKM network is not advertised in the internet by the default rustdesk relay server. While this makes it very simple for you to access your PC, it also makes it easy for others, not necessarily friendly, people. |
| |
| | For that reason we have our own relay server for rustdesk, which is only reachable within the OpenVPN connection: |
| |
| ==== Access to your desktop ==== | * ID Server: 192.168.10.11 |
| You can use "rustdesk" on Linux, Mac and Windows. In order to make it secure please change the default configuration so that your PC in the IPKM network is not advertised in the internet by the default rustdesk relay server. While this makes it very simple for you to access your PC, it alse makes it easy for others. | * Relay Server: 192.168.10.11 |
| Therefor we have run own relay server for rustdesk only reacheable in our VPN: | * API Server: http://192.168.10.11 |
| | * Key: FRSRRBBCbaNPkycrLIYFJJ7VZoFH3SQBJ1AkUjNV4vo= |
| |
| * ID Server: 192.168.10.11 | Configuration is relatively simple: |
| * Relay Server: 192.168.10.11 | - Open RustDesk |
| * API Server: http://192.168.10.11 | - Click on Settings (three vertikal dots), then ID/Relay Server |
| * Key: FRSRRBBCbaNPkycrLIYFJJ7VZoFH3SQBJ1AkUjNV4vo= | - Set it according to the screenshot |
| |
| Configuration is simple: | The protection behind the VPN means also that *currently* the Drossel group can not use this relay server. |
| - Open RustDesk | We are working on a solution. |
| - Click on Settings (three vertikal dots), then ID/Relay Server | |
| - Set it according to the screenshot | |
| |
| {{:general:2023-05-19_11-58.png?nolink&200 |}}{{:general:2023-05-19_11-52.png?nolink&200 |}} | {{:general:2023-05-19_11-58.png?nolink&400 |}}{{:general:2023-05-19_11-52.png?nolink&400 |}} |
| |
| =====VPN from the HRZ===== | =====VPN from the HRZ===== |
| |
| This is for access of data in the HRZ intranet, for example formulars. You could also use one of the VPN connections above. For this one to work you need your TU-ID. This service is provided by HRZ and is independent of the IPKM services. In case our VPN is down you can use this to at least access papers fo example. | This is for access of data in the HRZ intranet, for example forms and SAP applications. You could also use one of the VPN connections above. For this one to work you need your TU-ID. This service is provided by HRZ and is independent of the IPKM services. In case our VPN is down you can use this to at least access papers fo example. |
| <WRAP center round important 60%> | <WRAP center round important 60%> |
| The PCs behind our firewall are not accessible by this VPN! | The PCs behind our firewall are not accessible by this VPN! |
