This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM as VPN "Client"

Hey Guys!

I recently signed up for a VPN service. I want to have all the traffic from the device to go through the tunnel The service has .ovpn config files, as well as all the info I could need to set up a VPN connection, which I have downloaded. Now I have a bunch of .ovpn config files which are utterly useless.

On a side note, the #1 VPN feature request is something to convert the .ovpn to the (seemingly) proprietary .apc (or .epc) files:
UTM (Formerly ASG) Feature Requests: VPN (172 ideas)

There are a few posts indicating a script may be able to do so. I have downloaded it and run it. It never coimpletes properly, and the .apc file it spits out is always corrupted (or so say Sophos when I try to import it).

Now, I tried creating an SSL VPN Server, save the config file, and then tried to edit it; I couldn't seem to get it top open to be edited... If this is possible, please let me know how.

So... How do I set up this UTM to be an Open VPN client to another server whose settings I have no control over? All the Sophos guides I could find only mentioned creating the VPN server on one device, saving the config file, and using THAT on the "client" device. How can I just config the client device?

Is this even possible with the UTM 9 devices?

This thread was automatically locked due to age.

Parents

0 JW0914_01 over 9 years ago

Additionally:

/var/confd/res/openvpn/client.ovpn-default


[]
client
dev tun
proto []
remote [] []
tls-remote "[]"
route remote_host 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
ca []
cert []
key []
auth-user-pass
cipher []
auth []
comp-lzo []
route-delay 4
verb 3
reneg-sec 0

While I've mentioned the chroot directory before, here is:

/var/sec/chroot-openvpn/etc/openvpn/openvpn.conf-default


dev tun

proto []
local []
port []
mark 4458

daemon
multihome
server []

[]
cipher []
auth []
comp-lzo []

persist-key
persist-tun
reneg-sec []
keepalive 10 120
verb []
down-pre
username-as-common-name

capath /etc/openvpn/ca.d
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/[]

client-config-dir /etc/openvpn/conf.d
status /var/run/openvpn-status.log
ifconfig-pool-persist /var/run/ipp.txt

management /var/run/openvpn_mgmt unix
management-client-user root
management-client-group root

push dhcp-option NTP 129.6.15.30
tun-mtu 60000

plugin /usr/lib/openvpn/plugins/openvpn-plugin-utm.so

Note: I added the NTP and tun-mtu

[SIZE="1"]**DISCLAIMER: Making any changes via the command line interface [cli] results in the loss of support and warranty for paid licensees**[/SIZE]

Reply

0 JW0914_01 over 9 years ago

Additionally:

/var/confd/res/openvpn/client.ovpn-default


[]
client
dev tun
proto []
remote [] []
tls-remote "[]"
route remote_host 255.255.255.255 net_gateway
resolv-retry infinite
nobind
persist-key
persist-tun
ca []
cert []
key []
auth-user-pass
cipher []
auth []
comp-lzo []
route-delay 4
verb 3
reneg-sec 0

While I've mentioned the chroot directory before, here is:

/var/sec/chroot-openvpn/etc/openvpn/openvpn.conf-default


dev tun

proto []
local []
port []
mark 4458

daemon
multihome
server []

[]
cipher []
auth []
comp-lzo []

persist-key
persist-tun
reneg-sec []
keepalive 10 120
verb []
down-pre
username-as-common-name

capath /etc/openvpn/ca.d
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/[]

client-config-dir /etc/openvpn/conf.d
status /var/run/openvpn-status.log
ifconfig-pool-persist /var/run/ipp.txt

management /var/run/openvpn_mgmt unix
management-client-user root
management-client-group root

push dhcp-option NTP 129.6.15.30
tun-mtu 60000

plugin /usr/lib/openvpn/plugins/openvpn-plugin-utm.so

Note: I added the NTP and tun-mtu

[SIZE="1"]**DISCLAIMER: Making any changes via the command line interface [cli] results in the loss of support and warranty for paid licensees**[/SIZE]

Children

No Data