![]() Recently, I got a new project assignment that requires to connect permanently to the customer's network through VPN. They are using a so-called SSL VPN. As I am using since more than 5 years within my company's network I was quite curious about their solution and how it would actually be different from OpenVPN. Well, short version: It is a disguised version of OpenVPN. Unfortunately, the company only offers a client for Windows and Mac OS which shouldn't bother any Linux user after all. OpenVPN is part of every recent distribution and can be activated in a couple of minutes - both client as well as server (if necessary). WatchGuard Firebox SSL - About dialog Borrowing some files from a Windows client installation Initially, I didn't know about the product, so therefore I went through the installation on Windows 8. No obstacles (and no restart despite installation of TAP device drivers!) here and the secured VPN channel was up and running in less than 2 minutes or so. Much appreciated from both parties - customer and me. Of course, this whole client package and my long year approved and stable installation ignited my interest to have a closer look at the WatchGuard client. Compared to the original OpenVPN client (okay, I have to admit this is years ago) this commercial product is smarter in terms of file locations during installation. You'll be able to access the configuration and key files below your roaming application data folder. To get there, simply enter '%AppData% WatchGuard Mobile VPN' in your Windows/File Explorer and confirm with Enter/Return. This will display the following files. Application folder below user profile with configuration and certificate files From there we are going to borrow four files, namely: • ca.crt • client.crt • client.ovpn • client.pem and transfer them to the Linux system. Ssh client download. RBrowser provides an easy way to manage and edit your HTML pages on the directly on the remote WEB host. Backup your important files using the Folder Sync Engine in RBrowser! RBrowser provides connectivity with FTP and SFTP. Maintain your web pages and sync the changes with a single click! You might also be able to isolate those four files from a Mac OS client. Frankly, I'm just too lazy to run the WatchGuard client installation on a Mac mini only to find the folder location, and I'm going to describe why a little bit further down this article. I know that you can do that! Feedback in the comment section is appreciated. Update #1: One of the reader (zer0Sum) provided the path information to retrieve the necessary files on a Mac OS system: /Users/[user]/Library/WatchGuard/Mobile VPN/ Thanks! Update #2: Retrieve the information directly from the WatchGuard Firebox as described in the next paragraph. Get the client configuration file from the WatchGuard Firebox Due to a replacement unit at my customer, I had to update all the certificates here on the client side, too. And as I already changed my main machine I wouldn't like to install the Windows Client software on this computer. Actually, it is not necessary because the certificates can be downloaded from the appliance directly. In order to do this, open your web browser and enter the following URL: Note: I changed the IP address of the remote directive above (which should be obvious, right?). This will give you a login dialog like so: Login into the WatchGuard Firebox to get the Mobile VPN with SSL Client information Enter your credentials given by your network administrator and you will be able to download various client information. This is the regular 'Mobile VPN with SSL client' area: Download the Mobile VPN with SSL Client Profile directly from the WatchGuard appliance We simply ignore the software for Windows and Mac and choose to download the client profile. Save the provided file 'client.ovpn' to a location on your computer. Now, you can open it with a text editor like Notepad++. Interestingly, the different certificates are stored inside the OpenVPN client configuration file. So, either you leave it as-is or you might consider to cut the certificates from the file and store them as individual files. Both approaches will work. Source: Configuration of OpenVPN (console) Depending on your distribution the following steps might be a little different but in general you should be able to get the important information from it. I'm going to describe the steps in 13.04 (Raring Ringtail). Watchguard Mobile Vpn ClientFor IPSec VPN connections from a Mac OSX device, you can also use the WatchGuard IPSec VPN Client for Mac OSX. For more information, see Install the IPSec Mobile VPN Client Software. For an iOS device, you can install the WatchGuard Mobile VPN app for iOS. VPN Tracker is the leading Apple Mac VPN client and compatible with almost all IPSec VPN, L2TP VPN and PPTP VPN gateways (Try VPN Tracker for free).Please refer to the following table to find out if the VPN Tracker team has already successfully tested VPN Tracker with your WatchGuard VPN gateway.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |