Skip to content

Openvpn client

Archived (pre-2022)

Preserved for reference only -- likely outdated. View original | Last updated: June 2019

Macos:
Openvpn Connect 2.7.1.100 Signed.Dmg

or use tunnelblick

Linux:

  • standard openvpn client for linux
  • network manager

If you use ubuntu 18.04 with systemd-resolved use this to make dns push work:

Ubuntu 18 04 No Dns Resolution When Connected To Openvpn

For Debian distros, if you're having problems you might need to do this:

  1. sudo apt-get install resolvconf openvpn-systemd-resolved
  2. Edit your .ovpn file by adding those lines at the end:

- 

  script-security 2

  up /etc/openvpn/update-resolv-conf

  down /etc/openvpn/update-resolv-conf

  ;up /etc/openvpn/update-systemd-resolved

  ;down /etc/openvpn/update-systemd-resolved

  down-pre

  dhcp-option DOMAIN-ROUTE .
- for Ubuntu systems and others that are using resolved just comment resolv-conf and uncomment systemd-resolved lines

How to connect:

  • unpack archive with certs on config (*.ovpn file)
  • install openvpn client
  • import config with ovpn extension
  • edit /etc/systemd/resolved.conf and change the lines starting with DNS and Domains, to the following:

DNS=10.8.0.1
Domains=~consul ~prd.fyber.com ~prd-aws.fyber.com ~eu-west-1.compute.internal ~ovpn
- open VPN settings in network manager and, in the IPv4 tab, check the Use this connection only for resources on its network.

What can do:

  • access DC subnet 10.99.0.0/16
  • access aws fyber core production subnets 10.37.0.0/16
  • access exasol 192.168.235.80/255.255.255.240 (Exasol TEST) and 172.30.23.0/255.255.255.0 (Exasol BI)
  • query dns zones:
    *.prd.fyber.com
    *.consul
    *.eu-west-1.compute.internal
  • ci.fyber.com is connected to vpn network and can be reached by Ci domain name