Typos

OpenVPN maybe free and open source, but it sure challenges the enterprise stuff out there. It is a full featured SSL VPN which can be used to create a VPN over a redily available public network. It has Linux and Windows clients, which means you are not limited to Linux alone when using OpenVPN. Ok lets dive in to installation and setup:

1. Install openvpn.

# yum install openvpn

2. Copy the necessary configuration files to generate RSA keys and Initialize PKI.

# cp -R /usr/share/openvpn/easy-rsa/ /etc/openvpn/
# cd /etc/openvpn/easy-rsa/2.0/

3. Make the /etc/openvpn/keys direcotory and edit the /etc/openvpn/easy-rsa/2.0/vars file:

# mkdir /etc/openvpn/keys
# vi vars

now set the parameters for KEY_COUNTRY, KEY_PROVINCE, KEY_CITY, KEY_ORG and KEY_MAIL. Here is a sample:

export KEY_COUNTRY="MV"
export KEY_PROVINCE="Kaafu"
export KEY_CITY="Male"
export KEY_ORG="Fourthirty Inc."
export KEY_EMAIL="typos@fourthirty.rog"

also set the KEY_DIR parameter line to read as:

export KEY_DIR="/etc/openvpn/keys"

4. Initialize PKI.

# . ./vars

the above line is very tricky (dot space dot/vars)

# ./clean-all
# ./build-ca

5. Build the server key.

# ./build-key-server server

6. Generate certificates and keys for clients. You can do this for as many clients you want to joing your VPN. I am demonstrating the setup of only one client.

# ./build-key client1

7. Generate Diffie Hellman parameters/

# ./build-dh

8. Copy server.conf file from the /usr/share/doc/openvpn-2.1/sample-config-files/ to /etc/openvpn/ and make the following changes:

# cp /usr/share/doc/openvpn-2.1/sample-config-files/server.conf /etc/openvpn/

ca keys/ca.crt
cert keys/server.crt
key keys/server.key
dh keys/dh1024.pem
server 172.16.0.0 255.255.255.0

9. That’s it ! You have successfully set up the OpenVPN server. Now start the service and set it to start automatically on start.

# service openvpn start
# chkconfig openvpn on

10. Setup the client in Linux. Copy the client.conf to /etc/openvpn

# cp /usr/share/doc/openvpn-2.1/sample-config-files/client.conf /etc/openvpn/

from the server system copy ca.crt, client1.crt and client1.key over to  the client machine. Use a secure method to do this. The files are located in /etc/openvpn/keys/

edit the client.conf to include:

remote <ip of server> 1194
ca keys/ca.crt
cert keys/client.crt
key keys/client.key
ns-cert-type server

start the client service now.

# service openvpn start

ping to 172.16.0.1 from client machine. If it succeeds…congrats you have a working VPN !

11. To setup the client in windows, get the binary and install it. Use the same confiurations in the client.ovpn and run it.

Ndiswrapper was my last option, but unfortunately I managed to get it working via Ndiswrapper. In case some one needed to do this here is how:

1. Install ndiswrapper:

yum install ndiswrapper

2. Once I install ndiswrapper I needed the Windows driver files for the adapter. I had the Vista Driver .inf file and .sys files but ndiswrapper doesn’t work with Vista drivers. So I went ahead and downloaded the Windows XP drivers for TEW-55UB. Unfortunately it was an EXE…Not even a self-extracting zip archive! So I needed a way to extract the XP driver files from the EXE. I installed it in Windows and searched for the latest files created in my system. From that I was able to identify the actual drivers files: net5523.inf, ar5523.sys and ar5523.bin. Download them from here and copy to you Linux machine:

unzip TEW-55UBLinux.zip
ndiswrapper -i TEW-55UBLinux/net5523.inf
ndiswrapper -m

NB: The last command will set the USB Device to be set as wlan0. This might be a problem if you already have another Device as wlan0. This can be prevented by editing /etc/modprobe.d/nidswrapper to include:

alias wlan1 ndiswrapper

3. Load the Kernel Module:

modprobe ndiswrapper

Now you will be able to use your Trendnet TEW-55UB USB Wireless 802.11g adapter on Linux. The above method can be used for almost any Wireless Adapter, but be sure to have the appropriate windows driver files. If you fail to find the drivers of an EXE using the above method, there are always options like PE-Explorer to extract the necessary files.

Well it has been a while since I last updated the directory data. When I checked, I found out that the previous script that I used doesn’t work anymore. I guess they must have changed the site. So I had to fix the edir script a little and while I was at it I did add some extra features like resuming a previous operation by adding ‘-c’ in the command line. It was necessary since we have to depend on ‘reliable’ connections most of the time.

So download the directory data from here & the script is here in case any of you need it.

Make sure you have the Freshrpms repo installed. If not:

rpm -ivh ftp://ftp.freshrpms.net/pub/freshrpms/fedora/linux/9/freshrpms-release/freshrpms-release-1.1-1.fc.noarch.rpm

Then install vlc:

yum -y install vlc

to install Mplayer:

yum -y install mplayer mplayer-gui gecko-mediaplayer mencoder

That’s it. Enjoy! But for me I had a few hiccups…in case you had them here is how to fix it:

1. VLC has no sound:

This seems to be a problem of some missing dependencies when installed from Freshrpms repo. So install livna repos and update:

rpm -ivh http://rpm.livna.org/livna-release-9.rpm
yum -y update vlc

Make sure that you disable Livna repos to prevent the problems faced during mixing repos. If you need help to do this, refer to Installing repos on Fedora article.

2. The previous update of vlc also updated Mplayer in order to resolve dependencies. When starting Mplayer I had an error: The flip-hebrew option can't be used in a config file. Error parsing option flip-hebrew=no at line 133!

This can be solved with:
sed -i 's/flip-hebrew/#flip-hebrew/' /etc/mplayer/mplayer.conf

Finally, I wanted to set VLC as my default player for opening Multimedia files. Right-click on a Video file and go to Properties -> Open With -> and choose the VLC radio button -> Close. Now double-clicking a media file will open VLC to play it.

I was amazed with the new cool Fedora 9, but it really drew me mad when I found out that I can’t tap my touchpad to emulate a click. I didn’t bother much about it thinking that it will be solved once I get the latest updates, but that didn’t help either. It wasn’t hard to find a solution for the problem here.

edit /etc/X11/xorg.conf to include the following changes:

1. add the following to the “ServerLayout” section:

InputDevice “TouchPad” “CorePointer”

2. create a new Section at the bottom of the file:

Section “InputDevice”
Driver “synaptics”
Identifier “TouchPad”
Option “SendCoreEvents”
Option “Protocol” “auto-dev”
Option “SHMConfig” “on”
Option “TapButton1? “1?
Option “TapButton2? “2?
EndSection

Now Logoff and log back in, Touchpad should be working fine. If you don’t wanna do this manually, there is an RPM package which fixes this:

As root:
rpm -ivh http://www.ocf.berkeley.edu/~bobk/packages/synaptics-0.14.6-8.1.fc9.i386.rpm

Log off en log back in. Hope this helps