|
Setup walkthrough of OpenVPN (and SSH) on Windows XP
IT&E Labs recommends using OpenVPN to connect to the IT&E Labs Linux/Unix network. It is more straightforward than
configuring tunneling with SSH alone or using either of the tunneling tools that were provided previously.
Setup will take probably about 10-20 minutes.
If you need more help, please contact your TA, an IT&E lab assistant, and/or system@ite.gmu.edu.
(This walkthrough took longer because of the graphic captures and editing.)
compare with the IT&E Tunneler tool
the IT&E Hermes Tunneler tool
'universal' SSH tunnel configuration
Update your browser's root authority security certificates.
When you navigate your web browser to the IT&E Access Manager webpages, the web browser may display a security message.
Please read about the webpage certificate security message (and how to install a root certificate)
so your
browser authenticates the IT&aamp;E Access Manager webpages.
Download software and files
You will need
OpenVPN with IT&E configuration files and SSH Secure Shell.
--
Download SSH Secure Shell from http://itusupport.gmu.edu, follow the downloads link
and choose SSH
Secure Shell 3.2.9.
--
Download OpenVPN with the IT&E configuration files from https://access.ite.gmu.edu/vpn .
It is a secure site, so accept the certificate.
Follow the link to the Windows Setup page at https://access.ite.gmu.edu/vpn/windows .
(There are also links to Mac and Linux versions.)
Download ite_openvpn_installer.zip, and ...
Install OpenVPN
Unzip ite_openvpn_installer.zip to get the ite_openvpn_installer folder,
and these files in the folder:
Run ite_openvpn_installer.exe
 ... 
New icons appear in the system tray at the bottom right of your screen for the newly installed program and the new virtual network
connector: (Here they are pictured as under under the bottom left corner of the tool tip boxes.) Notice the red in the OpenVPN icon.
 
Notice that the IT&E configuration files have been placed into C:\Program Files\OpenVPN\config:
Right click the OpenVPN icon for a new context menu.
Most of the Context options are self-explanatory.
There is no need to change the password since it comes from
your e-mail account. (OpenVPN indicates there is no "key" or
"pkcs12" option.) The Proxy Settings should be as shown below.
Those insterested can dig deeper into OpenVPN's website.
Cancel and ...
Start OpenVPN
Right click on the OpenVPN icon in the system tray and choose 'Connect' from the context menu
(If the icon is not showing in the tray, click Start, Programs, OpenVPN, OpenVPN GUI.)
Log on with your IT&E Linux/Unix username and password (i.e. the same as your GMU e-mail account)...
.jpg)
The system tray now looks like this:
The notes on https://access.ite.gmu.edu/vpn say the first connection takes a while, so while waiting...
If you already have SSH installed, skip ahead to
VPN connected & ready.
SSH installation
... Run the installer for SSH Secure Shell:
Double-click the installer icon
Click the buttons as highlighted:
Read the agreement.
(Missed the window capture for a fast Progress bar.)
If you already have the current version of SSH Secure Shell for Windows installed, continue with the OpenVPN
connected & ready section.
SSH Log in to mason (test)
Test SSH by connecting to the mason cluster with the SSH (terminal) client:
Press the spacebar (or click File, Connect...).
(You may want to choose 'Yes' if you are using your own machine and not one that
is available to the public.)
If you mistype your password, you may see when you log in correctly a message about a failed login attempt:
Note that you can open additional terminals (blue and white toolbar tool icons  ) or file
transfers (blue and
yellow folder toolbar icons  ) to the same host where you have already connected simply by
clicking the
corresponding toolbar icon. This can be particulary useful for editing program code in one window and compiling and running the code in
another.
OpenVPN connected & ready
Meanwhile, when OpenVPN connects, a message appears from the system
tray at the bottom right corner of the screen, and the OpenVPN
icon there has changed to
green (immediately below the '10.' that starts the private IP
address):
(This initial connection took a long time but subsequent connections will be much faster.)
SSH Log in to zeus
Now if OpenVPN is working and connected, the icon will be green, and your computer can connect as if it were in our lab or on our network.
(If you are in our lab or connected to our network, OpenVPN is not needed and will not turn green.)
You should be able to log onto zeus.ite.gmu.edu directly through SSH. Start a new
SSH session
and press the space bar. (You may leave any previous session to mason.gmu.edu active.)
(If you are the only one who uses your computer, you may want to click Yes and save the key.)
The prompt shows that you are logged in and zeus is ready to go.
After you have finished your work session and have logged out, you can disconnect from the VPN.
The OpenVPN context menu has changed a little:
Click Disconnect
This disconnection also disconnected any active SSH session to zeus, but my SSH session to mason was still active. So, you will want to finish
whatever you are
working on on machines in the IT&E Linux/Unix cluster before disconnecting the OpenVPN channel(s) to them. (Anyway, it is a good practice to
save your
work as often as will account for the most work you would accept having to redo.)
Reconnecting is much faster:
Subsequent logons with SSH to osf1.gmu.edu while OpenVPN is connected to the IT&E cluster remain active even when OpenVPN is disconnected.
This completes the OpenVPN setup walkthrough.
You may need to use OpenVPN when using Oracle or Hermes.
(Return to the FAQs).
IT&E Instructional Computing Laboratories provide a framework for computing-related educational activities within the School of Information Technology and Engineering. The labs serve students of all the Departments in IT&E.
|
