Page 1 of 1
Automation of client connection
Posted: Thu Sep 08, 2022 8:30 pm
by jaglug
Is it possible to make the client.ovpn configuration file automatically installed in Openvpn along with its installation from Google play or the App store? So that the client does not have to manually install the .ovpn file himself
Re: Automation of client connection
Posted: Thu Sep 15, 2022 7:10 pm
by openvpn_inc
Hello jaglug,
Not practically, no. I mean you could enable developer mode on Android or jailbreak your iOS device to allow sideloading packages that contain such files so they can be deployed together with the installation of the package. But that would mean going outside of Google Play Store or Apple App Store entirely. You would also need a separate new delivery method for the installation files outside of the normal way and add a way of bundling profiles so that the become part of the installation package - which would have to be a unique one for each user's connection profile. All of this means it is less secure and a lot more work. Not only for the developer but also you as server maintainer and even the end-user.
What can be done is using the import function in OpenVPN Connect to get the profile from OpenVPN Access Server or OpenVPN Cloud simply by providing the correct login information in the app. This is done via REST API so in theory anyone can implement that.
There is also something quite new, which is the openvpn:// URI scheme. With this you can provide an HTTPS URL embedded in an openvpn:// URL that triggers the OpenVPN Connect client to open and start the import process and retrieve the connection profile from that HTTPS URL. This makes the import process a matter of sending the end user a link that they have to click to get the profile imported. It still requires that the OpenVPN Connect app is installed first though, through the usual method, but makes the import process a fairly easy process. The user would need to just click on such a URI, you would be asked to open the app, and the app will ask you to acknowledge the import, and you're done.
OpenVPN Access Server since release 2.11.0 allows to create such an openvpn:// URI with special token URLs in them that have a configurable lifetime and amount of uses that let OpenVPN Connect import a connection profile.
Kind regards,
Johan
Re: Automation of client connection
Posted: Sat Sep 17, 2022 7:32 pm
by ZeroOne
Im looking into integrating OpenVPN with Android over the course of a current EMM project im in charge of, and noticed that the OpenVPN for Android client by Arne Schwabe appears to support Android Enterprise Managed Configurations.
https://developer.android.com/work/mana ... igurations
I have yet to explore this possibility, ill try to follow up once i have. @me should i forget.
Regards,
Zero
Re: Automation of client connection
Posted: Tue Sep 20, 2022 8:09 pm
by jaglug
Thank you!!! you've helped me a lot.