openvpn for iPhone/Andriod - ovpn file technique
openvpn is available on openbsd and is now available natively on iPhone and Android without the need to jailbreak or other hacks.
If you are using anything other than pre-shared secretes, like rsa keys or certificates, then you need to incorporate the keys and certs INTO THE client's .OVPN FILE ITSELF and then pass the key-cert-incorporated .ovpn file to the device.
The "trick" to this incorporated .ovpn file is to use xml-style open-close tag syntax as show in the following.
# # myiphone.ovpn 2013v1 # tls-client client proto udp dev tun0 nobind persist-key persist-tun verb 3 pull comp-lzo reneg-sec 3600 remote myvpn.myserver.ca 1194 ns-cert-type server key-direction 1 <key> -----BEGIN PRIVATE KEY----- <your key stuff here> -----END PRIVATE KEY----- </key> <tls-auth> -----BEGIN OpenVPN Static key V1----- <your tls-key stuff here> -----END OpenVPN Static key V1----- </tls-auth> <ca> -----BEGIN CERTIFICATE----- <your ca-cert (that signed client cert that follow) stuff> -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- <this cleint's specific cert stuff> -----END CERTIFICATE----- </cert>
Good luck all.
Never argue with an idiot. They will bring you down to their level and beat you with experience.
Last edited by s2scott; 11th April 2013 at 08:30 PM.
|Thread||Thread Starter||Forum||Replies||Last Post|
|Dennis Ritchie: the other man inside your iPhone||J65nko||News||2||16th October 2011 09:56 PM|
|Cannot set up OpenVPN||guitarscn||OpenBSD Security||8||5th October 2009 05:19 PM|