Open Vpn Manual Configuration¶
The OpenVPN server provides access into the SoftFIRE VPN for Experimenters. The Experimenters can access the VPN using their experimenter certificate that was generated during the registration process.
There are two options to create the OpenVPN configuration file. You need to follow only one of these.
Option one: Experimenter configuration file with external certificate file.¶
This solution needs two files that need to be placed in one folder, but it is easier to create.
Create a file "softfire.ovpn" and put the following text inside and store it in the same folder as the downloaded "certificate.pem"
dev tun client remote softfire-vpn.av.tu-berlin.de 443 ;proto udp proto tcp nobind persist-key persist-tun comp-lzo keepalive 10 120 verb 3 remote-cert-tls server resolv-retry infinite nobind <ca> -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIQLJdZE0PTZ7/N1PiCOH1EOzANBgkqhkiG9w0BAQsFADCB pTELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGlu MRIwEAYDVQQKDAlUVSBCZXJsaW4xCzAJBgNVBAsMAkFWMR4wHAYDVQQDDBVUVSBC ZXJsaW4gU29mdEZJUkUgQ0ExMzAxBgkqhkiG9w0BCQEWJGF2LWluZnJhc3RydWN0 dXJlQGxpc3RzLnR1LWJlcmxpbi5kZTAeFw0xNjA2MjcxNTMxNTlaFw0yMTA2MjYx NTMxNTlaMIGlMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQH DAZCZXJsaW4xEjAQBgNVBAoMCVRVIEJlcmxpbjELMAkGA1UECwwCQVYxHjAcBgNV BAMMFVRVIEJlcmxpbiBTb2Z0RklSRSBDQTEzMDEGCSqGSIb3DQEJARYkYXYtaW5m cmFzdHJ1Y3R1cmVAbGlzdHMudHUtYmVybGluLmRlMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEA1Fk2hti4hsahT8t+8fEfxrSAiJJDuXyj5g48mn37u8o2 0VK/9STmG7nCiZQwtEIiz9MpxDo6oeap8qwJacp5V6RTZ5d3sPypfM5S06vxTOZX KsvWWv7E7An+O0J8I819mfg3/SkJJmu12i13f+r03+29hnlPZaXuqZnQmKFfolpP GHTaPLbn5aED17Lyg0eyFiCCXBes5FM9fBuqbSU+jDmfwd+nBcJG61oHdrGvp5vZ gUQm8X43sMeb/dP8ncHP3cft47A5QHc+GKDNroWW43almezOgByzzckG39eWqV0h E18Bts5y9BUdsYNJdZaLEWAPMLR8Li3LAx1gd2YVwQIDAQABo4IBKzCCAScwEgYD VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDMfaUfm l6CQdssrpTLv4WG81BHhMIHhBgNVHSMEgdkwgdaAFDMfaUfml6CQdssrpTLv4WG8 1BHhoYGrpIGoMIGlMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD VQQHDAZCZXJsaW4xEjAQBgNVBAoMCVRVIEJlcmxpbjELMAkGA1UECwwCQVYxHjAc BgNVBAMMFVRVIEJlcmxpbiBTb2Z0RklSRSBDQTEzMDEGCSqGSIb3DQEJARYkYXYt aW5mcmFzdHJ1Y3R1cmVAbGlzdHMudHUtYmVybGluLmRlghAsl1kTQ9Nnv83U+II4 fUQ7MA0GCSqGSIb3DQEBCwUAA4IBAQCz6j6JMXbBUG0j4Ijx4JsuuuHaJBmBB/eN S6qthzg8F6wC45K2Xel0T3+uhFmnBbylWIVP0Xl3SthGeukJqT2VgnbRbYt6I17x ot8eUyZb495moDJ8wWN8XU6Atcl6igB2tNmsZkj5OnaepQTyy1Ocl8akHN4TNKD5 olNy0TpH70+FfzuDRKGqfzivAT5P3l1zyRcRDSk4wVEXFB/95ZqX90AvPiLOfGAe aEIbwcXwcVxYma83LhCiBZo3SQ1wH+cvOrDwQ/SY0u2fndpf5WqAeBj9A3aYgqCS lMg366OjDzFpNaTLX4HQPX682AuMj338NPLoPXXfyHxmIMN4ZRcs -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICAQIwDQYJKoZIhvcNAQELBQAwgaUxCzAJBgNVBAYTAkRF MQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjESMBAGA1UECgwJVFUg QmVybGluMQswCQYDVQQLDAJBVjEeMBwGA1UEAwwVVFUgQmVybGluIFNvZnRGSVJF IENBMTMwMQYJKoZIhvcNAQkBFiRhdi1pbmZyYXN0cnVjdHVyZUBsaXN0cy50dS1i ZXJsaW4uZGUwHhcNMTYwNzI3MTQ0ODQzWhcNMTgwNzI3MTQ0ODQzWjBgMQswCQYD VQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xGTAXBgNV BAoMEEZyYXVuaG9mZXIgRk9LVVMxFDASBgNVBAMMC0ZpdGVhZ2xlIENBMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3Hy2l7zLZRE306xu15X9jZFub7SS yiQxndC4zDun+av/TiQJU/gK1/TPo6Y0u2+sqpuTPCh6XBA2N63AmZzpZpSAMBux JTm+BOYIqa0GJ5tW5tKBMPH3pITdgsh256ckyf57LUKH66yQgTfJskpF5ovDMNUq 6vZAvEVjXa/A3tUaB5NxcQeLixKJJrmuh2TBxN3OOWNKD8vyal6KKOTYpeaillZ9 zqmtNr9nXnlhfMBZPXJBQmw2OOlaX5uIuceMkpg6TIVrNlbdJuS9TeTVmx1MtmVm 73Q5ii2FcopYrV1v8W4C3atxFCTfmFRlrRm6sJ7ZRQhGtJphPZczwtqcC7MKJjQN bYeAG8BQHRnVQrVXr5+jrysqFWGoXGDISVprm0DjGij5ok2jIYaSgBpLVrD3e4eC LgYH58+f8u5tQxE1TxGCudAb0fSMy+GAe+5qbbEQkLc/+WXnGi4xTTozebmccJs8 mbu5/BICYu5e53B58DFJy8x8qjLQjXuvspKqcPT5Dp07LmIu30sgrXG+Mdq1cWjV VHx9XwJz1c89Oy/6TandrznRfGVNAzXPenm3gr0wib7qwWlsSPTrBOcXyjMthV27 wX6MK5GWWH+Uk5Z9a/V2JE9+J3KtEtk8D4xSEIQJ+pJZtXh1YxNzzYhY/czJLYdA loVSHOjwDmPtbEECAwEAAaOCARUwggERMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYE FMKA1MAJkTlwFZ5USVhoOJkZO4CDMIHhBgNVHSMEgdkwgdaAFDMfaUfml6CQdssr pTLv4WG81BHhoYGrpIGoMIGlMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGlu MQ8wDQYDVQQHDAZCZXJsaW4xEjAQBgNVBAoMCVRVIEJlcmxpbjELMAkGA1UECwwC QVYxHjAcBgNVBAMMFVRVIEJlcmxpbiBTb2Z0RklSRSBDQTEzMDEGCSqGSIb3DQEJ ARYkYXYtaW5mcmFzdHJ1Y3R1cmVAbGlzdHMudHUtYmVybGluLmRlghAsl1kTQ9Nn v83U+II4fUQ7MA0GCSqGSIb3DQEBCwUAA4IBAQAYcCmGctVfnRZ6oL2z6qvn9Dhm Hpt1zIC0pR7vKroi8OyGpv+BB7gHEXX0ecq8VtLKTcXWYR+7NdZS7IX8lyd81LiX XB1x09hEKH8O71T9v3TAMVtFDHmUito8cJQtPJFlVLZyL5xF+H0VHHEED4JP8xp4 KPFd2Rt0ixTNnE3ccUgumty1X+xq0rWSCzOXy11TxOv2tzB7TA/O85XRw9QzE3jw 4WjTS7tH9Phe/JTxbnhADS7k5mHZ+FDmX4xeTrXKNKv9+W1Qz9qQQ441IWpokBow tBeOMiadvRRQ2fhNuKCpgVUgyUyts0fFvDwJhLTnUqEbdgr19HbLO8GwqPbk -----END CERTIFICATE----- </ca> cert certificate.pem key certificate.pem
Option two: config file with embedded keys¶
This solution only needs a single file, but this file as to be edited manually.
Create a file "softfire.ovpn" and put the following text inside and copy and paste your certificate from the downloaded "certificate.pem" into the cert section and your private key into the key section
dev tun client remote softfire-vpn.av.tu-berlin.de 443 ;proto udp proto tcp nobind persist-key persist-tun comp-lzo keepalive 10 120 verb 3 remote-cert-tls server resolv-retry infinite nobind <ca> -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIQLJdZE0PTZ7/N1PiCOH1EOzANBgkqhkiG9w0BAQsFADCB pTELMAkGA1UEBhMCREUxDzANBgNVBAgMBkJlcmxpbjEPMA0GA1UEBwwGQmVybGlu MRIwEAYDVQQKDAlUVSBCZXJsaW4xCzAJBgNVBAsMAkFWMR4wHAYDVQQDDBVUVSBC ZXJsaW4gU29mdEZJUkUgQ0ExMzAxBgkqhkiG9w0BCQEWJGF2LWluZnJhc3RydWN0 dXJlQGxpc3RzLnR1LWJlcmxpbi5kZTAeFw0xNjA2MjcxNTMxNTlaFw0yMTA2MjYx NTMxNTlaMIGlMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQH DAZCZXJsaW4xEjAQBgNVBAoMCVRVIEJlcmxpbjELMAkGA1UECwwCQVYxHjAcBgNV BAMMFVRVIEJlcmxpbiBTb2Z0RklSRSBDQTEzMDEGCSqGSIb3DQEJARYkYXYtaW5m cmFzdHJ1Y3R1cmVAbGlzdHMudHUtYmVybGluLmRlMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEA1Fk2hti4hsahT8t+8fEfxrSAiJJDuXyj5g48mn37u8o2 0VK/9STmG7nCiZQwtEIiz9MpxDo6oeap8qwJacp5V6RTZ5d3sPypfM5S06vxTOZX KsvWWv7E7An+O0J8I819mfg3/SkJJmu12i13f+r03+29hnlPZaXuqZnQmKFfolpP GHTaPLbn5aED17Lyg0eyFiCCXBes5FM9fBuqbSU+jDmfwd+nBcJG61oHdrGvp5vZ gUQm8X43sMeb/dP8ncHP3cft47A5QHc+GKDNroWW43almezOgByzzckG39eWqV0h E18Bts5y9BUdsYNJdZaLEWAPMLR8Li3LAx1gd2YVwQIDAQABo4IBKzCCAScwEgYD VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDMfaUfm l6CQdssrpTLv4WG81BHhMIHhBgNVHSMEgdkwgdaAFDMfaUfml6CQdssrpTLv4WG8 1BHhoYGrpIGoMIGlMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYD VQQHDAZCZXJsaW4xEjAQBgNVBAoMCVRVIEJlcmxpbjELMAkGA1UECwwCQVYxHjAc BgNVBAMMFVRVIEJlcmxpbiBTb2Z0RklSRSBDQTEzMDEGCSqGSIb3DQEJARYkYXYt aW5mcmFzdHJ1Y3R1cmVAbGlzdHMudHUtYmVybGluLmRlghAsl1kTQ9Nnv83U+II4 fUQ7MA0GCSqGSIb3DQEBCwUAA4IBAQCz6j6JMXbBUG0j4Ijx4JsuuuHaJBmBB/eN S6qthzg8F6wC45K2Xel0T3+uhFmnBbylWIVP0Xl3SthGeukJqT2VgnbRbYt6I17x ot8eUyZb495moDJ8wWN8XU6Atcl6igB2tNmsZkj5OnaepQTyy1Ocl8akHN4TNKD5 olNy0TpH70+FfzuDRKGqfzivAT5P3l1zyRcRDSk4wVEXFB/95ZqX90AvPiLOfGAe aEIbwcXwcVxYma83LhCiBZo3SQ1wH+cvOrDwQ/SY0u2fndpf5WqAeBj9A3aYgqCS lMg366OjDzFpNaTLX4HQPX682AuMj338NPLoPXXfyHxmIMN4ZRcs -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIFmTCCBIGgAwIBAgICAQIwDQYJKoZIhvcNAQELBQAwgaUxCzAJBgNVBAYTAkRF MQ8wDQYDVQQIDAZCZXJsaW4xDzANBgNVBAcMBkJlcmxpbjESMBAGA1UECgwJVFUg QmVybGluMQswCQYDVQQLDAJBVjEeMBwGA1UEAwwVVFUgQmVybGluIFNvZnRGSVJF IENBMTMwMQYJKoZIhvcNAQkBFiRhdi1pbmZyYXN0cnVjdHVyZUBsaXN0cy50dS1i ZXJsaW4uZGUwHhcNMTYwNzI3MTQ0ODQzWhcNMTgwNzI3MTQ0ODQzWjBgMQswCQYD VQQGEwJERTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xGTAXBgNV BAoMEEZyYXVuaG9mZXIgRk9LVVMxFDASBgNVBAMMC0ZpdGVhZ2xlIENBMIICIjAN BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3Hy2l7zLZRE306xu15X9jZFub7SS yiQxndC4zDun+av/TiQJU/gK1/TPo6Y0u2+sqpuTPCh6XBA2N63AmZzpZpSAMBux JTm+BOYIqa0GJ5tW5tKBMPH3pITdgsh256ckyf57LUKH66yQgTfJskpF5ovDMNUq 6vZAvEVjXa/A3tUaB5NxcQeLixKJJrmuh2TBxN3OOWNKD8vyal6KKOTYpeaillZ9 zqmtNr9nXnlhfMBZPXJBQmw2OOlaX5uIuceMkpg6TIVrNlbdJuS9TeTVmx1MtmVm 73Q5ii2FcopYrV1v8W4C3atxFCTfmFRlrRm6sJ7ZRQhGtJphPZczwtqcC7MKJjQN bYeAG8BQHRnVQrVXr5+jrysqFWGoXGDISVprm0DjGij5ok2jIYaSgBpLVrD3e4eC LgYH58+f8u5tQxE1TxGCudAb0fSMy+GAe+5qbbEQkLc/+WXnGi4xTTozebmccJs8 mbu5/BICYu5e53B58DFJy8x8qjLQjXuvspKqcPT5Dp07LmIu30sgrXG+Mdq1cWjV VHx9XwJz1c89Oy/6TandrznRfGVNAzXPenm3gr0wib7qwWlsSPTrBOcXyjMthV27 wX6MK5GWWH+Uk5Z9a/V2JE9+J3KtEtk8D4xSEIQJ+pJZtXh1YxNzzYhY/czJLYdA loVSHOjwDmPtbEECAwEAAaOCARUwggERMAwGA1UdEwQFMAMBAf8wHQYDVR0OBBYE FMKA1MAJkTlwFZ5USVhoOJkZO4CDMIHhBgNVHSMEgdkwgdaAFDMfaUfml6CQdssr pTLv4WG81BHhoYGrpIGoMIGlMQswCQYDVQQGEwJERTEPMA0GA1UECAwGQmVybGlu MQ8wDQYDVQQHDAZCZXJsaW4xEjAQBgNVBAoMCVRVIEJlcmxpbjELMAkGA1UECwwC QVYxHjAcBgNVBAMMFVRVIEJlcmxpbiBTb2Z0RklSRSBDQTEzMDEGCSqGSIb3DQEJ ARYkYXYtaW5mcmFzdHJ1Y3R1cmVAbGlzdHMudHUtYmVybGluLmRlghAsl1kTQ9Nn v83U+II4fUQ7MA0GCSqGSIb3DQEBCwUAA4IBAQAYcCmGctVfnRZ6oL2z6qvn9Dhm Hpt1zIC0pR7vKroi8OyGpv+BB7gHEXX0ecq8VtLKTcXWYR+7NdZS7IX8lyd81LiX XB1x09hEKH8O71T9v3TAMVtFDHmUito8cJQtPJFlVLZyL5xF+H0VHHEED4JP8xp4 KPFd2Rt0ixTNnE3ccUgumty1X+xq0rWSCzOXy11TxOv2tzB7TA/O85XRw9QzE3jw 4WjTS7tH9Phe/JTxbnhADS7k5mHZ+FDmX4xeTrXKNKv9+W1Qz9qQQ441IWpokBow tBeOMiadvRRQ2fhNuKCpgVUgyUyts0fFvDwJhLTnUqEbdgr19HbLO8GwqPbk -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- **Paste Your Cert Text here** -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- **Paste Your Cert Private Key here** -----END PRIVATE KEY----- </key>