Candela Technologies Logo
Network Testing and Emulation Solutions

Configuring OpenVPN on Windows

Goal: Connect your laptop to a VPN with the provided keys and configuration file.

Connecting to the office network remotely requires you to install the openvpn package and place the config files in the correct places. You can start and stop the VPN using simple commands at a terminal.
 
  1. Install OpenVPN

  2. Download and install the latest version of OpenVPN GUI on windows.
    The list of packages to download is at the bottom of the page: screenshot

    For more information see Openvpn Community Downloads

  3. In your Downloads folder, double click to start the installer. screenshot
  4. When the installer asks you what components to choose, you just need those necessary for being a client. You do no need to install the EasyRSA script package. screenshot
  5. Add your Config Files

  6. OpenVPN keeps configuration files in C:\Program Files\OpenVPN\config. Open this folder with Windows Explorer. screenshot
  7. You should be provided with these files:
    1. ca.crt ← This is the VPN server certificate
    2. your-laptop.key ← This is your private key
    3. your-laptop.crt ← This is your certificate
    4. candelatech-udp.conf ← The config file for establishing a UDP connection. This is the faster type of connection.
    5. candelatech-tcp.conf ← The config file for establishing a TCP connection. TCP OpenVPN connections do not perform as well, and are useful if you are in an environment that only allows outbound TCP port 443.
    You will place these files in C:\Program Files\OpenVPN\config. you will probably be asked to give your password because the folder is owned by Administrator. screenshot
  8. Double click the OpenVPN GUI icon. If you see a warning message about no configuration files found, we're about to fix that in the next step. Click OK. screenshot
  9. Configuring OpenVPN

  10. When the OpenVPN software starts, it places an icon in the system tray.
    Click on Taskbar up arrow to see hidden taskbar items
    screenshot
  11. Right click the Screen with Padlock icon to see the menu. Select Settings. screenshot
  12. You will see the Settings→General tab. Here you can set OpenVPN to start automatically if you desire. screenshot
  13. Click on the Advanced tab. You will alter these settings: screenshot
    1. Change the Configuration Files→Folder value to where you saved your config files.
    2. Change the Configuration Files→Extension value to conf.
    3. Change the Log Files→Folder value to where you want to find your connection logs.
    4. Click OK
  14. Editing your Config File

  15. The candela-udp.conf configuration file is going to be formatted for a Linux machine. You will need to change the location of the certificates to absolute Windows paths.
    Backslashes \ need to be escaped: \\
    Any paths with spaces need to be "double-quoted";.
    screenshot
  16. Here is an example file you can highlight and copy:
    client
    dev tun1
    proto udp
    remote firewall.candelatech.com 1194
    #remote firewall.candelatech.com 443
    script-security 2
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    verb 3
    ca ca.crt
    cert "C:\\Program Files\\OpenVPN\\config\\laptop-dell.2019-08-13.jreynolds.candelatech.com.crt"
    key "C:\\Program Files\\OpenVPN\\config\\laptop-dell.2019-08-13.jreynolds.candelatech.com.key"
    comp-lzo
    cipher AES-256-CBC
  17. Starting and Stoping the VPN Connection

  18. After saving your config files, return to the taskbar to start an openvpn connection: screenshot
    1. Click on Taskbar up arrow
    2. Right click on the Computer with Padlock
    3. Select your connection name
    4. Select Connect

Candela  Technologies, 2417 Main Street, Suite 201, Ferndale, WA 98248, USA
www.candelatech.com | sales@candelatech.com | +1.360.380.1618
Facebook | LinkedIn | Blog