Differences between revisions 1 and 18 (spanning 17 versions)
Revision 1 as of 2007-01-19 18:24:50
Size: 1673
Editor: KarlPinc
Comment: Initial page
Revision 18 as of 2007-08-11 06:09:22
Size: 4348
Editor: JunYang
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
The [http://en.wikipedia.org/wiki/Virtual_private_network VPN] is implimented with [http://www.openvpn.org OpenVPN]. The VPN ([http://en.wikipedia.org/wiki/Virtual_private_network Virtual Private Network]) running on the Babase server uses the [http://www.openvpn.org OpenVPN] implementation.
Line 3: Line 3:
== Installing the Babase VPN == == Babase VPN on Mac OS X ==
Line 5: Line 5:
The certificate authority certificate for the babase VPN is:
{{{
-----BEGIN CERTIFICATE-----
MIID7jCCA1egAwIBAgIBADANBgkqhkiG9w0BAQQFADCBsTELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAk5DMQ8wDQYDVQQHEwZEVVJIQU0xLDAqBgNVBAoTI0R1a2UgVW5p
dmVyc2l0eSwgQmlvbG9neSBEZXBhcnRtZW50MRQwEgYDVQQLEwtBbGJlcnRzIExh
YjEfMB0GA1UEAxMWcGFwaW8uYmlvbG9neS5kdWtlLmVkdTEfMB0GCSqGSIb3DQEJ
ARYQYWxiZXJ0c0BkdWtlLmVkdTAeFw0wNzAxMTgxODMyMjhaFw0xNzAxMTUxODMy
MjhaMIGxMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTkMxDzANBgNVBAcTBkRVUkhB
TTEsMCoGA1UEChMjRHVrZSBVbml2ZXJzaXR5LCBCaW9sb2d5IERlcGFydG1lbnQx
FDASBgNVBAsTC0FsYmVydHMgTGFiMR8wHQYDVQQDExZwYXBpby5iaW9sb2d5LmR1
a2UuZWR1MR8wHQYJKoZIhvcNAQkBFhBhbGJlcnRzQGR1a2UuZWR1MIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQDMrqCCviAKmIJ/Hkmg92Uh4UD0S38Z0sDAk9T1
yw/1LyMMP8I3jR0y5nGQaExk0bNSrcwp1FOLj/a7D965a2zYg2/0XyArEP+sQWsR
F28QeTcr14M5g8aVY/SapxvhU2zQkrcq3Gzq+vJkfiorPadUPMLj4aliI4VZBvAo
Zvy2/wIDAQABo4IBEjCCAQ4wHQYDVR0OBBYEFHf5eTppS3HZbpk8qv2vg24nb8ga
MIHeBgNVHSMEgdYwgdOAFHf5eTppS3HZbpk8qv2vg24nb8gaoYG3pIG0MIGxMQsw
CQYDVQQGEwJVUzELMAkGA1UECBMCTkMxDzANBgNVBAcTBkRVUkhBTTEsMCoGA1UE
ChMjRHVrZSBVbml2ZXJzaXR5LCBCaW9sb2d5IERlcGFydG1lbnQxFDASBgNVBAsT
C0FsYmVydHMgTGFiMR8wHQYDVQQDExZwYXBpby5iaW9sb2d5LmR1a2UuZWR1MR8w
HQYJKoZIhvcNAQkBFhBhbGJlcnRzQGR1a2UuZWR1ggEAMAwGA1UdEwQFMAMBAf8w
DQYJKoZIhvcNAQEEBQADgYEAIiyqufdwn4ud7RyU20RYsZjUACygVGRwkZzk1h/l
bmrw5L0CB48+LpraG0pPRduyn156RD313+MqOu2RD50aT7MuJUMu4uaBU/qEpiTk
prVz3ACeiAlnnaTSdJl6n55Dc059vr2pxBZ8rLDIRaK9TDEwTSHPyzfmHExcAcRk
JvE=
-----END CERTIFICATE-----}}}		 You always have the option of installing the application using the instructions on the OpenVPN [http://www.openvpn.org web site], but the easier way, if you've Mac OS X 10.3 or higher, is to use the pre-packaged OpenVPN that includes a management GUI.

Note: This will probably work for Mac OS X 10.3 or 10.4 on the PPC/Intel architecture. If you have an older version we'll have to do something else.

Go to http://www.tunnelblick.net/ and download the latest released version which will extract itself upon downloading.
 * Version 3.0_B4 is available[http://www.tunnelblick.net/Tunnelblick_3.0_B4.zip here]

When the program is done downloading and extracts itself, place it in your applications folder then drag the icon in the applications folder to your dock.

Open your home folder and go to Library. Then open the folder entitled openvpn.

In this folder you will need to place two files in this directory.
 * The[https://papio.biology.duke.edu/babasewiki/BabaseVPN?action=AttachFile&do=get&target=openvpn.conf client.conf] from below which will be named openvpn.conf
 * The[https://papio.biology.duke.edu/babasewiki/BabaseVPN?action=AttachFile&do=get&target=albertslab.crt albertslab.crt] from below which will retain the same name

When you run Tunnelblick you will see a little tunnel at the top right hand corner of the screen which will let you connect by selecting "Connect 'openvpn'" and disconnect with the "Disconnect 'openvpn'" commands through the graphical dropdown. It may be helpful to have tunnelblick be in your startup items so you don't have to run it every time you want to connect on computers that are typically used for ranking.

== Babase VPN on Windows XP ==

As Administrator, install [http://www.openvpn.se/ OpenVPN GUI for Windows]. Unless you already have OpenVPN (without GUI) installed on your computer, it is easiest to download and install the installation package with both OpenVPN and OpenVPN GUI. Once installation completes, you should notice a new OpenVPN GUI icon in your system tray (at the lower-right corner of your desktop). The icon should be lit red at this point, because you have not made a VPN connection yet.

Download the following two files, and place them in the {{{C:\\Program Files\OpenVPN\config\}}} directory on your computer:
 * [https://papio.biology.duke.edu/babasewiki/BabaseVPN?action=AttachFile&do=get&target=albertslab.crt albertslab.crt]
 * [https://papio.biology.duke.edu/babasewiki/BabaseVPN?action=AttachFile&do=get&target=papio.ovpn papio.ovpn]

Now, to connect, right click on the OpenVPN GUI icon in your system tray, and choose "Connect". You will be prompted for your Duke Biology Unix user name and password. If the connection is successful, the icon will turn green. To disconnect, simply right lick on the icon and choose "Disconnect".

==== Optional Tweaks to Configuration ====

By default, OpenVPN GUI will start in your system tray whenever your computer starts up. If you do not want this behavior, you can use [http://www.microsoft.com/technet/sysinternals/Utilities/AutoRuns.mspx AutoRuns for Windows] to tweak it.

If you normally use your Windows XP computer as a non-Administrator user, you should create a shortcut to {{{C:\\Program Files\OpenVPN\bin\openvpn-gui.exe}}}, right-click on the shortcut, select "Properties", click "Advanced..." and select "Run with different credentials". Now, when you double-click this shortcut, you should choose to run it as Administrator (VPN will not function correctly if you do not run it as Administrator). The How-To section of the [http://openvpn.se/howto.html OpenVPN GUI website] has more information on how to run VPN as a non-admin user.

== Notes on Using the Babase VPN ==

When you start the VPN you will be asked for your Duke Biology Unix user name and password.

To test the VPN use the "ping" program to ping {{{papio-vpn.biology.duke.edu}}} (aka 172.16.3.1). If you get a response the VPN is working.

To connect to papio using the VPN you cannot use {{{papio.biology.duke.edu}}}. Use {{{papio-vpn.biology.duke.edu}}} (172.16.3.1) instead.

The VPN ([http://en.wikipedia.org/wiki/Virtual_private_network Virtual Private Network]) running on the Babase server uses the [http://www.openvpn.org OpenVPN] implementation.

Babase VPN on Mac OS X

You always have the option of installing the application using the instructions on the OpenVPN [http://www.openvpn.org web site], but the easier way, if you've Mac OS X 10.3 or higher, is to use the pre-packaged OpenVPN that includes a management GUI.

Note: This will probably work for Mac OS X 10.3 or 10.4 on the PPC/Intel architecture. If you have an older version we'll have to do something else.

Go to http://www.tunnelblick.net/ and download the latest released version which will extract itself upon downloading.

When the program is done downloading and extracts itself, place it in your applications folder then drag the icon in the applications folder to your dock.

Open your home folder and go to Library. Then open the folder entitled openvpn.

In this folder you will need to place two files in this directory.

When you run Tunnelblick you will see a little tunnel at the top right hand corner of the screen which will let you connect by selecting "Connect 'openvpn'" and disconnect with the "Disconnect 'openvpn'" commands through the graphical dropdown. It may be helpful to have tunnelblick be in your startup items so you don't have to run it every time you want to connect on computers that are typically used for ranking.

Babase VPN on Windows XP

As Administrator, install [http://www.openvpn.se/ OpenVPN GUI for Windows]. Unless you already have OpenVPN (without GUI) installed on your computer, it is easiest to download and install the installation package with both OpenVPN and OpenVPN GUI. Once installation completes, you should notice a new OpenVPN GUI icon in your system tray (at the lower-right corner of your desktop). The icon should be lit red at this point, because you have not made a VPN connection yet.

Download the following two files, and place them in the C:\\Program Files\OpenVPN\config\ directory on your computer:

Now, to connect, right click on the OpenVPN GUI icon in your system tray, and choose "Connect". You will be prompted for your Duke Biology Unix user name and password. If the connection is successful, the icon will turn green. To disconnect, simply right lick on the icon and choose "Disconnect".

Optional Tweaks to Configuration

By default, OpenVPN GUI will start in your system tray whenever your computer starts up. If you do not want this behavior, you can use [http://www.microsoft.com/technet/sysinternals/Utilities/AutoRuns.mspx AutoRuns for Windows] to tweak it.

If you normally use your Windows XP computer as a non-Administrator user, you should create a shortcut to C:\\Program Files\OpenVPN\bin\openvpn-gui.exe, right-click on the shortcut, select "Properties", click "Advanced..." and select "Run with different credentials". Now, when you double-click this shortcut, you should choose to run it as Administrator (VPN will not function correctly if you do not run it as Administrator). The How-To section of the [http://openvpn.se/howto.html OpenVPN GUI website] has more information on how to run VPN as a non-admin user.

Notes on Using the Babase VPN

When you start the VPN you will be asked for your Duke Biology Unix user name and password.

To test the VPN use the "ping" program to ping papio-vpn.biology.duke.edu (aka 172.16.3.1). If you get a response the VPN is working.

To connect to papio using the VPN you cannot use papio.biology.duke.edu. Use papio-vpn.biology.duke.edu (172.16.3.1) instead.

BabaseVPN (last edited 2018-01-24 20:16:04 by JakeGordon)

Wiki content based upon work supported by the National Science Foundation under Grant Nos. 0323553 and 0323596. Any opinions, findings, conclusions or recommendations expressed in this material are those of the wiki contributor(s) and do not necessarily reflect the views of the National Science Foundation.