.ovpn
fileIncludes the five sections in the Manual Method all in an easy to run script.
There is no web interface for this script. To run the script open the client console or terminal and access the IPFire box via SSH.
Once connected via SSH, create a directory for creating .ovpn files with this script. Example:
mkdir /root/ios cd /root/ios
Locate the the <ovpn_file>.ovpn
file obtained from the Download Client Package (zip) and copy the file to the /root/ios
directory on the IPFire box.
Copy the code below to a file named openvpncmd.sh
into the same directory:
#!/bin/bash set -e #set -x # OpenVPN script for IPCop/iOS, www.magnuswedberg.com # # Launch via: # openvpncmd ovpn_file password(PKCS12 File Password) # # $1 param = YourNewOpenVPNfile.ovpn # $2 param = PKCS12 Password # if (( $# < 2 )); then # TODO: print usage echo "Usage: openvpncmd ovpn_file password(PKCS12 File Password)" exit 1 fi cp "$1" tmp.ovpn PKCS12_PW="$2" # PKCS12 File Password # Convert windows file to linux file (drop Carriage Returns) sed -i 's/\r$//g' tmp.ovpn # get key & value from input ovpn file while IFS=" " read -r key value remainder do #echo "key=$key" ; echo "value=$value" ; echo "remainder=$remainder" ; echo case "$key" in verify-x509-name ) RedIPaddr="$value" ;; *pkcs12 ) pkcs12File="$value" ;; esac done < tmp.ovpn # Comment out the "tls-auth ta.key" line and the "pkcs12 *.p12" line sed -i -E -e 's/^tls-auth /#tls-auth /' -e 's/^pkcs12 /#pkcs12 /' tmp.ovpn p12File=/var/ipfire/ovpn/certs/"$pkcs12File" FILE="$p12File" fn=$(basename "$FILE") #bn="${fn%%.*}" ovpnFile="${fn%%.*}".ovpn cp tmp.ovpn $ovpnFile rm tmp.ovpn echo "key-direction bidirectional" >> $ovpnFile echo "<ca>" >> $ovpnFile cat /var/ipfire/ovpn/ca/cacert.pem | sed '/^-----BEGIN CERTIFICATE-----/,$!d' >> $ovpnFile echo "</ca>" >> $ovpnFile echo "<cert>" >> $ovpnFile openssl pkcs12 -in $p12File -clcerts -nokeys -password pass:$PKCS12_PW | sed '/^-----BEGIN CERTIFICATE-----/,$!d' >> $ovpnFile echo "</cert>" >> $ovpnFile echo "<key>" >> $ovpnFile openssl pkcs12 -nocerts -in $p12File -passin pass:$PKCS12_PW -passout pass:$PKCS12_PW | sed '/^-----BEGIN ENCRYPTED PRIVATE KEY-----/,$!d' >> $ovpnFile echo "</key>" >> $ovpnFile echo "<tls-auth>" >> $ovpnFile cat /var/ipfire/ovpn/certs/ta.key | sed '/^-----BEGIN OpenVPN Static key V1-----/,$!d' >> $ovpnFile echo "</tls-auth>" >> $ovpnFile #echo "ovpn file = " #cat $ovpnFile; echo exit
Once copied and saved, enter:
chmod +x /root/ios/openvpncmd.sh
and to run the command enter:
./openvpncmd.sh <ovpn_file>.ovpn <PKCS12 File Password>
Copy the newly created .ovpn
unified file from the IPFire to the client computer. And now install the new .ovpn
unified file onto the iDevice follow the steps here.
Older Revisions • January 23 at 11:49 pm • Jon