How to Install and Configure OpenVPN Server on Zentyal 4.2 PDC
OpenVPN is an open-source program that uses the Secure Sockets Layer (SSL/TLS) protocol to build Virtual Private Networks. A Virtual Private Network is designed to provide secure connections to a central organization network over the Internet, independent of the platform or operating system. The same program runs as both client and server, and it creates an encrypted virtual tunnel between endpoints, authenticated with certificates, by using TAP or TUN devices. This tutorial explains the installation and configuration of OpenVPN Server on Zentyal 4.2 PDC.
Requirements
You must have Zentyal 4.2 PDC installed before proceeding. To install Zentyal, visit:
https://www.linuxhelp.com/install-zentyal-primary-domain-controller-integrate-windows-system/
Installing an OpenVPN Server
Log on to the Zentyal 4.2 Web Administration Tool by pointing the browser to the Zentyal IP address or domain name.
Go to Software Management → Zentyal Components, select VPN Service and then hit the Install button.
After the package has been installed successfully, go to Module Status and check VPN to enable the module.
Now accept the pop-up that shows the system modifications, and then press the Save changes button in the right-hand corner.
Configuring an OpenVPN Server
To configure Zentyal OpenVPN Server, select VPN on the left panel. Then choose Servers and select Add New.
Select a descriptive name for the VPN server, select the Enabled check box and press Add.
The VPN server will be created and will appear in the Servers list. Now press the Configuration icon in order to set up the service.
Edit the configuration of the server and press Change.
→ Server Certificate = server name certificate - when you first add a new VPN server, a certificate is automatically issued with your VPN server name.
→ VPN Address = 192.168.7.0/24 - choose a private network address space here, and make sure your system does not already use the same network address space.
→ Server Port - UDP protocol, Port 1194 - the default OpenVPN protocol and port.
→ Select TUN interface - it simulates a network layer device and operates at layer 3 of the OSI model.
→ Client authorization by common name - choose Zentyal (self-explanatory).
→ Select Allow client-to-client connections - from remote endpoints you can see your other machines that reside on your local network.
→ Interface to listen on - select All network Interfaces.
→ First and Second Name Servers - add your Zentyal Name Server IPs.
→ Search domain - add your domain name here.
→ Choose Redirect Gateway.
→ Select Network Address Translation.
To add your internal network, go to Network → Objects → Add New.
Create a new object name and select Add. Now navigate to VPN → Servers. Press the Advertised network icon of the respective server.
Now choose the Advertised Network and click add.
Press Save Changes button to apply the changes.
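The address-space check called for by the VPN Address setting above, as an added example (not part of the original tutorial and not Zentyal's own code): it parses OpenVPN server directives, reports the client-to-client and redirect-gateway choices, and flags any network that collides with the tunnel subnet. The sample configuration is constructed to mirror this tutorial's settings, and 192.168.1.0/24 as the advertised internal network is an assumption.

```python
import ipaddress
import shlex

# Constructed sample mirroring this tutorial's settings; it is NOT the file
# Zentyal generates. 192.168.1.0/24 is an assumed advertised internal network.
SAMPLE_CONF = """\
port 1194
proto udp
dev tun
server 192.168.7.0 255.255.255.0
client-to-client
push "redirect-gateway def1"
push "route 192.168.1.0 255.255.255.0"
"""

def parse_directives(text):
    """Yield (directive, args) pairs, skipping blank lines and # or ; comments."""
    for line in text.splitlines():
        if line.lstrip().startswith(";"):
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            yield tokens[0], tokens[1:]

def audit(conf_text, networks_in_use):
    """Summarise tunnel settings and list networks colliding with the VPN subnet."""
    report = {"vpn_net": None, "client_to_client": False,
              "redirect_gateway": False, "pushed_routes": [], "overlaps": []}
    for name, args in parse_directives(conf_text):
        pushed = args[0].split() if name == "push" and args else []
        if name == "server" and len(args) >= 2:
            report["vpn_net"] = ipaddress.ip_network(f"{args[0]}/{args[1]}")
        elif name == "client-to-client":
            report["client_to_client"] = True
        elif pushed[:1] == ["redirect-gateway"]:
            report["redirect_gateway"] = True
        elif pushed[:1] == ["route"] and len(pushed) >= 3:
            report["pushed_routes"].append(
                ipaddress.ip_network(f"{pushed[1]}/{pushed[2]}"))
    vpn = report["vpn_net"]
    candidates = [ipaddress.ip_network(n) for n in networks_in_use]
    if vpn is not None:
        report["overlaps"] = [n for n in candidates + report["pushed_routes"]
                              if vpn.overlaps(n)]
    return report

if __name__ == "__main__":
    # 192.168.0.0/21 (constructed) spans 192.168.0.0-192.168.7.255, so it collides.
    print(audit(SAMPLE_CONF, ["10.0.0.0/8", "192.168.0.0/21"]))
```

Pass in the networks already routed on the server and the LANs that clients usually connect from; any entry in `overlaps` means the chosen VPN address space should be changed before clients are issued bundles.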
To Open the Firewall Ports
Navigate to Network → Services and select Add New to define the service for the Zentyal Firewall.
Type a descriptive name for the service and press Add.
Press the Configuration button in order to edit the settings and click Add New.
Choose the required configuration settings and press add.
→ Protocol = UDP
→ Source Port = Any
→ Destination Port = 1194
Once the configuration is done, press the Save Changes button to apply the changes.
Navigate to Firewall → Packet Filter. In the Filtering rules from internal network to Zentyal category, choose Configure Rules and then hit Add New.
Choose the required configuration settings and press add.
→ Decision = Accept
→ Source = Any
→ Service = your VPN service rule just configured
Now repeat the steps with Filtering rules from External Networks to Zentyal then press the Save Changes button.
To Configure OpenVPN Clients on Windows
To download the OpenVPN software and the client configuration files, go to VPN → Servers and choose the Download Client Bundle icon.
In the Download Client Bundle page of your server, use the settings below for a Windows system and then download the client package.
→ Client Type = Windows (Linux or Mac OS X)
→ Client's Certificate = Zentyal
→ Select Add OpenVPN's installer to bundle
→ Connection Strategy = Random
→ Server Address = Zentyal public IP Address
→ First Additional Server Address (optional) = only if you have another public IP Address
→ Second Additional Server Address (optional) = same as First Additional Server Address
After downloading the client bundle, extract the zip archive. Then install the OpenVPN software and the Windows TAP drivers.
After the OpenVPN software is installed, copy all the keys and the client configuration file from the extracted archive to the OpenVPN config directory.
On 32-bit Windows
C:\Program Files\OpenVPN\config
On 64-bit Windows
C:\Program Files (x86)\OpenVPN\config
Now click the OpenVPN GUI desktop icon to start the program. Select Show hidden icons and right-click on the OpenVPN icon → Connect.
A pop-up window will appear after your connection is successfully established on both the tunnel endpoints and your VPN IP Address will be displayed.
Open command prompt and check your VPN server using Ping command.
ping 192.168.7.1