• Home
• About
• People
• News
• Events
• Research
• Courses
• Graduate Study
• Undergraduate Study
• Places
• Computing Systems
• Accounts
• After Hours
• Backups
• Copyright
• Disk Space
• Doc
• Education
• Email
• Ergonomics
• FTP
• Get Software
• Hardware
• Help
• Licenses
• Local Access
• Network
• New Users
• Policies
• Remote Access
• Certificates
• Email
• Legacy Methods
• OpenVPN
• Windows Guide
• SSH
• Unison
• Research
• Search
• Snapshots
• Statistics
• Software
• Technical Reports
• Web
• Industrial Relations
• Alumni
• Contacts

OpenVPN

A VPN (Virtual Private Network) provides a mechanism whereby a machine outside of the CS department's trusted network can securely access the department's resources. Typically, users connect to the VPN when they have access to a high speed internet connection, i.e. a cable modem or another university intranet, and require access to departmental resources which are not typically provided outside of the firewall.

Departmental VPN servers

The department provides an OpenVPN server. To use it, you will first need to know your LDAP account password. See the LDAP page for more information.

Once you have set up your LDAP password, you can install OpenVPN. We provide an installer for Windows available (on the CS internal web); this executable will install the OpenVPN software and configure it for the CS department VPN. If you have problem with the customized openvpn package, you can download the orginial openvpn installer from the OpenVPN Download site. You will need the openvpn config files too if you use the original installer. See OpenVPN certificates section.

Downloading the software without a VPN connection

In order to download the OpenVPN software from the internal web server, you can use the old pptp vpn while it's still available. The other method is to use ssh port forwarding. Basically, you tunnel a tcp port i.e. 8080 through ssh.cs.brown.edu and redirect that port to web-int.cs.brown.edu port 80. The command to do this is ssh -L 8080:web-int.cs.brown.edu:80 ssh.cs.brown.edu
Once the ssh tunnel is established, you open up a web browser and connect to http://localhost:8080/system/remote/vpn/

On other platforms (Linux/UNIX/OSX), you will need to install and configure OpenVPN client yourself. You can download the CS department OpenVPN config and certificate files (only available on the internal web). This tgz file contains the configuration file, certificates, and keys necessary to configure your client to connect to our server. Once placed in the appropriate directory for your platform, these files should allow you to connect to our VPN.

Setup and Configuration

The following FAQs should lead you through step-by-step configuration of your windows client software:

Windows

OpenVPN certificates

The OpenVPN client certificate will expire on Saturday, December 12, 2009. Please download the new certificate file, openvpncfg-win.exe for Windows, from the internal web server or through ssh port forwarding. The Linux version of the new certificates, openvpncfg.tgz is also available from the internal web server or through ssh port forwarding.

For Window Users, run the openvpncfg-win.exe and extract the new certificates to c:\Program Files\OpenVPN\config directory overwriting the existing files.

Problems

If you've followed the directions here and still can't connect to the department's VPN, then contact our technical staff for help.

---

Page Owner: Dorinda Moulton

Last Modified: Tue Sep 15 16:44:50 2009