Skip to main content
The 2024 Developer Survey results are live! See the results
Super User

Return to Answer

Various grammar fixes
Source Link
edit approved Oct 8, 2023 at 9:20
Sergio
edit approved Oct 8, 2023 at 9:20
Sergio
  • 13
  • 5

You may want to investigate isif there's a way to elaborate a whitelist to force the service to connect only to specific files, and not all. I've had some issues in the past with people who needed to have a VPN server as a service plus several vpn client files in the same machine that only connect every now and then. In those situations, if I wanted OpenVPN GUI to show them a beautifull list of available connections, it meant that the service saw those files and was trying to connect to them automatically. In those cases, I decided not to use services at all:

RouesRoutes in Windows are stored under the following registry key:

To add ana specific route through the VPN Server:

Sometimes route pushing doesntdoesn't work on Windows. When this happens to me, I completly uninstall OpenVPN and it'sits interfaces from Windows, restart the system and install the latest version of the software. Then, before stablishingestablishing the first connection, I restart Windows. This has allwaysalways solved the issues, however. However, Windows 10 Anniversary update (1607) is buggy with OpenVPN. There's a link to a deeper discussion in OpenVPN forums:

If you're a consultant looking SU to give advice to a client, please consider using some specific NATIVE windowsWindows solutions, if your client's budget allows for it. I won't name any to avoid being flagged, but most knownsknown networking hardware companies offer solutions compatible with their devices that provide native drivers for any edge OS you maybmay think of. Disclaimer: I don't work for any of those companies. For my own dialy life I use OpenVPN, but to remotely connect to my company they've a commercial solution bundled on the computers: I never had a single connection issue, while OpenVPN is usually more delicateddelicate. Don't take me wrong, I've delivered OpenVPN to production environments for clients with total success, but you need to be extra cautionouscautious (and put watchdog and recoverfy measures in place, or just train the user to "click reconnectreconnect" if something doesn't work properly"properly).

You may want to investigate is there's a way to elaborate a whitelist to force the service to connect only to specific files, and not all. I've had some issues in the past with people who needed to have a VPN server as a service plus several vpn client files in the same machine that only connect every now and then. In those situations, if I wanted OpenVPN GUI to show them a beautifull list of available connections, it meant that the service saw those files and was trying to connect to them automatically. In those cases, I decided not to use services at all:

Roues in Windows are stored under the following registry key:

To add an specific route through the VPN Server:

Sometimes route pushing doesnt work on Windows. When this happens to me, I completly uninstall OpenVPN and it's interfaces from Windows, restart system and install the latest version of the software. Then, before stablishing the first connection, I restart Windows. This has allways solved the issues, however, Windows 10 Anniversary update (1607) is buggy with OpenVPN. There's a link to a deeper discussion in OpenVPN forums:

If you're a consultant looking SU to give advice to a client, please consider using some specific NATIVE windows solutions, if your client's budget allows for it. I won't name any to avoid being flagged, but most knowns networking hardware companies offer solutions compatible with their devices that provide native drivers for any edge OS you mayb think of. Disclaimer: I don't work for any of those companies. For my own dialy life I use OpenVPN, but to remotely connect to my company they've a commercial solution bundled on the computers: I never had a single connection issue, while OpenVPN is usually more delicated. Don't take me wrong, I've delivered OpenVPN to production environments for clients with total success, but you need to be extra cautionous (and put watchdog and recoverfy measures in place, or just train the user to "click reconnect if something doesn't work properly")

You may want to investigate if there's a way to elaborate a whitelist to force the service to connect only to specific files, and not all. I've had some issues in the past with people who needed to have a VPN server as a service plus several vpn client files in the same machine that only connect every now and then. In those situations, if I wanted OpenVPN GUI to show them a beautifull list of available connections, it meant that the service saw those files and was trying to connect to them automatically. In those cases, I decided not to use services at all:

Routes in Windows are stored under the following registry key:

To add a specific route through the VPN Server:

Sometimes route pushing doesn't work on Windows. When this happens to me, I completly uninstall OpenVPN and its interfaces from Windows, restart the system and install the latest version of the software. Then, before establishing the first connection, I restart Windows. This has always solved the issues. However, Windows 10 Anniversary update (1607) is buggy with OpenVPN. There's a link to a deeper discussion in OpenVPN forums:

If you're a consultant looking to give advice to a client, please consider using some specific NATIVE Windows solutions, if your client's budget allows for it. I won't name any to avoid being flagged, but most known networking hardware companies offer solutions compatible with their devices that provide native drivers for any edge OS you may think of. Disclaimer: I don't work for any of those companies. For my own dialy life I use OpenVPN, but to remotely connect to my company they've a commercial solution bundled on the computers: I never had a single connection issue, while OpenVPN is usually more delicate. Don't take me wrong, I've delivered OpenVPN to production environments for clients with total success, but you need to be extra cautious (and put watchdog and recoverfy measures in place, or just train the user to "click reconnect" if something doesn't work properly).

added 385 characters in body
Source Link
DGoiko
DGoiko
  • 1k
  • 6
  • 13

If you're a consultant looking SU to give advice to a client, please consider using some specific NATIVE windows solutions, if your client's budget allows for it. I won't name any to avoid being flagged, but most knowns networking hardware companies offer solutions compatible with their devices that provide native drivers for any edge OS you mayb think of. Disclaimer: I don't work for any of those companies. For my own dialy life I use OpenVPN, but to remotely connect to my company they've a commercial solution bundled on the computers: I never had a single connection issue, while OpenVPN is usually more delicated. Don't take me wrong, I've delivered OpenVPN to production environments for clients with total success, but you need to be extra cautionous (and put watchdog and recoverfy measures in place, or just train the user to "click reconnect if something doesn't work properly")

If you're a consultant looking SU to give advice to a client, please consider using some specific NATIVE windows solutions, if your client's budget allows for it. I won't name any to avoid being flagged, but most knowns networking hardware companies offer solutions compatible with their devices that provide native drivers for any edge OS you mayb think of. Disclaimer: I don't work for any of those companies. For my own dialy life I use OpenVPN, but to remotely connect to my company they've a commercial solution bundled on the computers: I never had a single connection issue, while OpenVPN is usually more delicated. Don't take me wrong, I've delivered OpenVPN to production environments for clients with total success, but you need to be extra cautionous (and put watchdog and recoverfy measures in place, or just train the user to "click reconnect if something doesn't work properly")

added 385 characters in body
Source Link
DGoiko
DGoiko
  • 1k
  • 6
  • 13
  1. Install the OpenVPN service when you install the client;
  2. Place your OpenVPN profiles (with the extension .ovpn, not .conf as is common on Linux) in the config subdirectory of the OpenVPN installation directory, probably C:\Program Files\OpenVPN\config.
  3. Open the Services console (services.msc);
  4. Find OpenVPNService, right click on it, Properties, and change startup type from “Manual” to “Automatic”.
  5. Start the service, and OpenVPN will find and connect to the profiles in any .ovpn files. Keep in mind in most situations you need one TUN/TAP interface per connection file. In windows, I strongly advise to permanently associate an interface with their connection using the configuration files: dev-node TAP_Serv forces OpenVPN to bind the connection to the network interface named "Tap_Serv". Added after reading some comments: You need one interface per connection. In Linux this is trivial, but in windows it may be problematic. HAving two configurations that you can SEPARATEDLY test succesfully, doesn't mean they'll run together, as they may be competing for the same interface. OpenVPN is a ported program, and windows driver subsystem has allways been a pain in the a**.
  1. Install the OpenVPN service when you install the client;
  2. Place your OpenVPN profiles (with the extension .ovpn, not .conf as is common on Linux) in the config subdirectory of the OpenVPN installation directory, probably C:\Program Files\OpenVPN\config.
  3. Open the Services console (services.msc);
  4. Find OpenVPNService, right click on it, Properties, and change startup type from “Manual” to “Automatic”.
  5. Start the service, and OpenVPN will find and connect to the profiles in any .ovpn files. Keep in mind in most situations you need one TUN/TAP interface per connection file. In windows, I strongly advise to permanently associate an interface with their connection using the configuration files: dev-node TAP_Serv forces OpenVPN to bind the connection to the network interface named "Tap_Serv".
  1. Install the OpenVPN service when you install the client;
  2. Place your OpenVPN profiles (with the extension .ovpn, not .conf as is common on Linux) in the config subdirectory of the OpenVPN installation directory, probably C:\Program Files\OpenVPN\config.
  3. Open the Services console (services.msc);
  4. Find OpenVPNService, right click on it, Properties, and change startup type from “Manual” to “Automatic”.
  5. Start the service, and OpenVPN will find and connect to the profiles in any .ovpn files. Keep in mind in most situations you need one TUN/TAP interface per connection file. In windows, I strongly advise to permanently associate an interface with their connection using the configuration files: dev-node TAP_Serv forces OpenVPN to bind the connection to the network interface named "Tap_Serv". Added after reading some comments: You need one interface per connection. In Linux this is trivial, but in windows it may be problematic. HAving two configurations that you can SEPARATEDLY test succesfully, doesn't mean they'll run together, as they may be competing for the same interface. OpenVPN is a ported program, and windows driver subsystem has allways been a pain in the a**.
added 316 characters in body
Source Link
DGoiko
DGoiko
  • 1k
  • 6
  • 13
added 316 characters in body
Source Link
DGoiko
DGoiko
  • 1k
  • 6
  • 13
Rewrite the first section completely for a drastic improvement in clarity (reviewers: please don’t blindly reject this, it’s a genuine and extremely useful change; before the edit, the answer is rambly and hides the useful information in poor investigative technique and prose; intent is preserved)
Source Link
edit approved Aug 16, 2018 at 4:31
Chris Morgan
edit approved Aug 16, 2018 at 4:31
Chris Morgan
  • 281
  • 2
  • 9
added 59 characters in body
Source Link
DGoiko
DGoiko
  • 1k
  • 6
  • 13
added 1415 characters in body
Source Link
DGoiko
DGoiko
  • 1k
  • 6
  • 13
Source Link
DGoiko
DGoiko
  • 1k
  • 6
  • 13