August 29, 2006

336 words 2 mins read

The Virtues of OpenVPN – Part 3

Yesterday I wrote about how to get a Windows client up on OpenVPN via service. But what if you want to deploy a number of these and don’t want to write up 10 page “HOWTO Install” docs? Well, that is exactly what I thought, so I automated the proccess. Here’s what I did:

Put together a directory with:

  • ca.crt
  • client.crt
  • client.key
  • COMPANY.ovpn
  • openvpn-2.0.07-install.exe
  • vpn.bat
  • network.txt — (Actually VBS File)
  • service.txt — (Actually VBS File)
The last 3 files are my creation. vpn.bat is what the user would excute. It will call the installer, as long as they install it with the “Defaults” its good to go. Network.vbs finds the TAP-Win32 and renames the connection to “COMPANY-ovpn”. Service.vbs finds the OpenVPN service, sets it to Automatic start and then starts the service. The first two files you might want to update to match your specifics. Once you have all the files together, ZIP em up and send em off. All the user has to do is extract em all in the same directory and run vpn.bat

Note: The two VBS files are supposed to be txt files (when packaged), this is because many AV’s and mail services will strip .vbs files (even if zipped). While I don’t suggest sending your crt’s and key’s across email — sometimes you have to.

Note 2: Be aware that the network.vbs file is looking for anything thats a TAP-Win32 connection. So if you for some reason already have one of these on your system — don’t use the script, or at least change how it works (its VB people, its not that hard).

Note 3: Important! I claim no responsibility for these files. What you do with them is your own deal. I’m not to blame if it mistakenly renames ALL of your network connections. TEST THE DAMNED THINGS FIRST. Also I claim no copyright on these files. I created the batch file, but the vbs files were gleamed (in part) off the net, stealing bits of code where I could.