I need to connect external computers to a local domain.
I am trying with TurnKey OpenVPN (version 16.1) to connect a computer outside the local network with this topology:
Central Offices
Sample static IP 45.62.84.156
| domain |||||||||| openvpn |||| <==============> internet <================> remote computer dynamic IP
| 192.168.1.7|||||| 192.168.1.13 |
|--------------+--------------------------+
lan
192.168.1.0/24
+-----------------------------------------+
The domain and OpenVPN are separate servers.
How would the setup be?
Would it be necessary to use the OpenVPN application to join the Windows machine to the local domain?
Can it be done?
I haven't found anything about it on the forum.
Connect external computers to a local domain.
Moderators: TinCanTech
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Mar 09, 2023 6:26 pm
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Mar 09, 2023 6:26 pm
Re: Connect external computers to a local domain.
The truth is that this distribution has greatly facilitated the VPN connection. To access the local domain through a VPN connection, it is only necessary to configure the push option so that the equipment connected by VPN can access the network where the domain server is working. Then you have to configure the DNS of the virtual network device that the client computer uses for the VPN connection with the address of the domain server.
In OpenVPN settings example:
# push routes to clients to allow them to reach private subnets
push "route 192.168.1.0 255.255.255.0"
http://j20003.es/palaimg/opnvpn/7-server.conf.JPG
DNS for the client computer example:
192.168.1.7
http://j20003.es/palaimg/opnvpn/8-Client-DNS.JPG
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Mar 09, 2023 6:26 pm
Re: Connect external computers to a local domain.
Important: to be able to enter the domain, the VPN connection must be working.
We must start the VPN connection with the system administrator user; once the VPN connection is activated, we can join the domain.
When we restart the system, to enter the domain we must first start the local user session and connect the VPN. Without closing the local session with which we have connected the VPN, we use the change user option and start our session with the domain user.
If we have configured the option to remember the data of connected users, we can start the session without being connected to the domain; this can cause security problems. We can use the Windows Autologon tool to automate the VPN connection.
This solution is best suited for multi-user computers.
Link: https://learn.microsoft.com/es-es/sysin ... /autologon
OpenVPN's connection automation script:
rem Wait 5 seconds, then start the OpenVPN GUI and connect the example.ovpn profile
timeout /t 5
cd /d "C:\Program Files\OpenVPN\bin"
openvpn-gui.exe --connect example.ovpn
Save to C:\Users\My-User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup as .bat or .cmd
Note: So far I haven't been able to connect to OpenVPN without logging in. I guess it's due to the nature of the app, which needs to be launched graphically.
I will continue investigating.
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Mar 09, 2023 6:26 pm
Re: Connect external computers to a local domain.
OpenVPN as a system service
Full information in the link:
https://openvpn.net/vpn-server-resource ... emon-mode/
-
- OpenVpn Newbie
- Posts: 3
- Joined: Wed Apr 26, 2023 5:14 pm
Re: Connect external computers to a local domain.
I did it. To work fine with MS Active Directory domains you should set up an L2 tunnel (and set up a bridge). Also, your remote clients/servers need to automatically connect to the VPN network after booting.
I have no access to the server config right now. Try to google it. Check this approach out and if it is what you need, I'll try to get working configs (OpenVPN on Ubuntu Server).
P.S. Don't forget to push DNS options to clients and set your domain's DNS server there. Otherwise your clients would not be able to resolve the domain name and you will not be able to add them to the domain (MS AD).
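The route and DNS prerequisites described in the posts above can be checked from the remote Windows client, with the VPN connected, before attempting the join. The PowerShell script below is an added example, not code from any poster in this thread; `example.local` is a placeholder domain name, the addresses are the ones from the first post, and the port list is an assumption covering the usual TCP services a domain join talks to.

```powershell
# Added example: pre-join checks, run on the remote client with the VPN up.
param(
    [string]$Domain   = 'example.local',   # placeholder AD DNS name, replace with yours
    [string]$DcIp     = '192.168.1.7',     # domain controller / DNS server from the thread
    [string]$LanRoute = '192.168.1.0/24'   # subnet from: push "route 192.168.1.0 255.255.255.0"
)

$results = [ordered]@{}

# 1. The pushed route to the office LAN must be in the routing table.
$route = Get-NetRoute -DestinationPrefix $LanRoute -ErrorAction SilentlyContinue
$results['Route to LAN present'] = [bool]$route

# 2. An adapter must use the DC as its DNS server (set by hand on the VPN
#    adapter, or pushed by the server: push "dhcp-option DNS 192.168.1.7").
$dns = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses -contains $DcIp }
$results['DC configured as DNS'] = [bool]$dns

# 3. The join locates a domain controller through this SRV record.
#    Query the DC directly and keep only real SRV answers (not an SOA reply).
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV `
        -Server $DcIp -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'SRV' }
$results['DC SRV record resolves'] = [bool]$srv

# 4. TCP reachability: DNS, Kerberos, RPC endpoint mapper, LDAP, SMB.
foreach ($port in 53, 88, 135, 389, 445) {
    $ok = Test-NetConnection -ComputerName $DcIp -Port $port `
            -InformationLevel Quiet -WarningAction SilentlyContinue
    $results["TCP $port reachable"] = $ok
}

$results.GetEnumerator() | Format-Table -AutoSize Key, Value

if ($results.Values -contains $false) {
    Write-Warning 'At least one prerequisite failed; fix it before joining the domain.'
    exit 1
}
```

A failed SRV lookup with the ports reachable points at the client's DNS setting rather than at the tunnel itself.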
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Mar 09, 2023 6:26 pm
Re: Connect external computers to a local domain.
I followed this tutorial, and it works perfectly for me with OpenVPN Connect v3.
https://openvpn.net/vpn-server-resource ... emon-mode/
It connects directly without the need to start a local session that starts the connection to VPN.
I did it with specific TurnKey Linux distributions, domain and OpenVPN:
OpenVPN: https://www.turnkeylinux.org/openvpn
Domain: https://www.turnkeylinux.org/domain-controller
I'll try to make a video tutorial when I have time.