Install OpenVPN
- Download and install the latest version of OpenVPN GUI on windows.
The list of packages to download is at the bottom of the page:
For more information see Openvpn Community Downloads
- In your Downloads folder, double click to start the installer.
- When the installer asks you what components to choose, you just need those necessary for being a client. You do no need to install the EasyRSA script package.
Add your Config Files
- OpenVPN keeps configuration files in C:\Program Files\OpenVPN\config. Open this folder with Windows Explorer.
- You should be provided with these files:
- ca.crt ← This is the VPN server certificate
- your-laptop.key ← This is your private key
- your-laptop.crt ← This is your certificate
- candelatech-udp.conf ← The config file for establishing a UDP connection. This is the faster type of connection.
- candelatech-tcp.conf ← The config file for establishing a TCP connection. TCP OpenVPN connections do not perform as well, and are useful if you are in an environment that only allows outbound TCP port 443.
You will place these files in C:\Program Files\OpenVPN\config. you will probably be asked to give your password because the folder is owned by Administrator.
- Double click the OpenVPN GUI icon. If you see a warning message about no configuration files found, we're about to fix that in the next step. Click OK.
Configuring OpenVPN
- When the OpenVPN software starts, it places an icon in the system tray.
Click on Taskbar up arrow ⋀ to see hidden taskbar items
- Right click the Screen with Padlock icon to see the menu. Select Settings.
- You will see the Settings→General tab. Here you can set OpenVPN to start automatically if you desire.
- Click on the Advanced tab. You will alter these settings:
- Change the Configuration Files→Folder value to where you saved your config files.
- Change the Configuration Files→Extension value to conf.
- Change the Log Files→Folder value to where you want to find your connection logs.
- Click OK
Editing your Config File
- The candela-udp.conf configuration file is going to be formatted for a Linux machine. You will need to change the location of the certificates to absolute Windows paths.
Backslashes \ need to be escaped: \\
Any paths with spaces need to be "double-quoted";.
- Here is an example file you can highlight and copy:
client
dev tun1
proto udp
remote firewall.candelatech.com 1194
#remote firewall.candelatech.com 443
script-security 2
resolv-retry infinite
nobind
persist-key
persist-tun
verb 3
ca ca.crt
cert "C:\\Program Files\\OpenVPN\\config\\laptop-dell.2019-08-13.jreynolds.candelatech.com.crt"
key "C:\\Program Files\\OpenVPN\\config\\laptop-dell.2019-08-13.jreynolds.candelatech.com.key"
comp-lzo
cipher AES-256-CBC
Starting and Stoping the VPN Connection
- After saving your config files, return to the taskbar to start an openvpn connection:
- Click on Taskbar up arrow ⋀
- Right click on the Computer with Padlock
- Select your connection name
- Select Connect