25-08-2017, 09:32 PM
OpenVPN is an easy-to-maintain and set up virtual private network application that up to the required virtual network interface works completely in user space. All network traffic is encrypted based on OpenSSL.
Functioning
OpenVPN sets after starting on both the client and the server side, a virtual network interface (if not) already exist, each of which one end of the Tunnelsdarstellt. The OpenVPN server has the client a fixed IP address or host name of firm to be accessible and connects with him on any UDP or TCP port. With the two ways of routing and bridging are now depending on the selection, almost all or any service on the local network for the client.
All traffic through the tunnel is encrypted using OpenSSL libraries. The LZO libraries offer the option to compress the information.
[Edit]
Required components
OpenVPN
OpenSSL on Unix or Windows
(Virtual Point-to-point and Ethernet interface is integrated with Linux kernel 2.4 and the Windows attributed installing OpenVPN)
Public Key Infrastructure (PKI) (optional)
Installation
Windows
The installation is done - as usual under Windows - by starting the EXE file and repeatedly click Next. Then there is the openvpn program under \ Program Files \ OpenVPN \ bin, configuration files in config \ Program Files \ OpenVPN \.
[Edit]
Start as an unprivileged user
To build the tunnel as a normal user access control lists for the OpenVPN need to change service. eg setacl or Subinacl.exe.
Viewing permissions:
setacl -on openvpnservice -ot srv -actn list
Setting the ACLs on the OpenVPN service, so that users can stop and start the service:
setacl -on openvpnservice -ot srv -actn ace -ace "n:Benutzer;ptart_stop"
Start the service via the command line:
sc start OpenVPNService
Stopping the service via the command line:
sc stop OpenVPNService
The above measures, however, not allow the setting of routes. To an unprivileged user to enable the setting of routes, he must be the group of network configuration operators are added. If you want to start automatically after logging into their favorite connection must also be in the registry under HKLM \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run openvpn-gui to change the entry.
openvpn-gui REG_SZ c:\programme\openvpn\bin\openvpn-gui.exe --connect config.ovpn
Then they will begin signing in, asked depending on the type of connection, immediately after the username and password (for example, Base1).
see http://74.125.153.132/translate_c?hl=en&...XAIUF8iBjA