BI and OpenVpn

rdxny

Getting the hang of it
Joined
Oct 15, 2022
Messages
139
Reaction score
81
Location
ny
I'm trying to install OpenVpn on my BI pc. (fios router can't do vpn), to avoid port forwarding.
I was able to install the server part (I think!) and it runs... though I'm not quite sure how to test it.
The issue is installing the client on Android. I installed OpenVpn on the phone, and it need the "client.ovpn" file. I copied that file to the phone, but when pointing OpenVpn app to that file, it shows errors finding the ca.crt, client.crt, and client.key files... I'm not sure where they need to be, or how to point to them in the client.ovpn file (I tried several ways), for example:

ca ca.crt
cert client.crt
key client.key

or

ca "c:\\program files\\openvpn\\Easy-RSA\\pki\\ca.crt"
cert "c:\\program files\\openvpn\\Easy-RSA\\pki\\issued\\client.crt"
key "c:\\program files\\openvpn\\Easy-RSA\\pki\\private\\client.key"

I tried copying the three files to the phone in same folder as the client.ovpn, no difference. I tried using another app, no change.

There is an option to retrieve the files using a web server interface to the openVpn on the pc..., but I have no clue how to do that.

Any suggestions will be appreciated.
 

rdxny

Getting the hang of it
Joined
Oct 15, 2022
Messages
139
Reaction score
81
Location
ny
update: I think I was able to connect the Schwabe version app, pointing to the files I had moved to the phone.
remaining questions: for the server choice, am I pointing the ap to my outward facing IP on the blue iris desktop running the vpn server? x.x.x.x:1194? or the internal ip? and protocol? UDP or TCP? so far I ger errors trying to connect...
 

SpacemanSpiff

Known around here
Joined
Apr 15, 2021
Messages
1,456
Reaction score
2,431
Location
USA
hosting the VPN server on your BI machine, which is inside your network (aka behind your router), will still require you to set-up port forwarding to the BI server... which defeats the purpose.

Can you put FIOS router in bridge mode, and purchase your own router that supports VPN?
 

rdxny

Getting the hang of it
Joined
Oct 15, 2022
Messages
139
Reaction score
81
Location
ny
hosting the VPN server on your BI machine, which is inside your network (aka behind your router), will still require you to set-up port forwarding to the BI server... which defeats the purpose.

Can you put FIOS router in bridge mode, and purchase your own router that supports VPN?
maybe, I hadn't considered that. The forwarding of a port to BI and VPN is no more secure that normal port forward?
 

SpacemanSpiff

Known around here
Joined
Apr 15, 2021
Messages
1,456
Reaction score
2,431
Location
USA
maybe, I hadn't considered that. The forwarding of a port to BI and VPN is no more secure that normal port forward?
Correct!

Best practice is to have your VPN server presence bound at/on the router.
 

SpacemanSpiff

Known around here
Joined
Apr 15, 2021
Messages
1,456
Reaction score
2,431
Location
USA
Great reads here on IPCT


 
Top