Wednesday, October 01, 2008

Viscosity - OpenVPN Client for Mac


Four of the firewall devices that I maintain are all Astaro Security Gateway devices, which I personally think are just fantastic devices. In addition to firewall operations, the device functions as an Intrusion Protection System (IPS) and a VPN end-point for PPTP, IPSec, L2TP over IPSec and SSL!

I've always used the Mac's built-in PPTP client to work with the VPN connections. However, I've run into a few times when the PPTP port (1723) was blocked, so I wanted to use the SSL VPN, but the Astaro doesn't have a good Mac client, although it has a decent Windows client.

After some searching I came across OpenVPN, which the Astaro uses, which is available for the Mac platform. However, it's all command-line, not that I mind that, but I'd like something a little cleaner if I need to use it on a client's Mac for remote connections. I tried Tunnelblick, but found that it still seems a little "immature" at this point, at least in my opinion. Then I read a reference in the Astaro forums about Viscosity OpenVPN client for the Mac. I tried it and it worked, the first time, and it seems to act like a Mac app should. I'm currently using v0.7.2 on my MacBook Pro.


One note: if you log in to the Astaro User Portal, you can download the configuration files needed for the SSL VPN. Now open Viscosity, select Preferences from the menu, go to the Connections tab, click the + at the bottom and select Import Connection. Browse to the config folder that you extracted the Astaro configuration files into and point it at the .ovpn file so it can read the configuration settings.

After the import, select the connection and click the Edit button. On the Networking tab, if you know the IP routes of your internal network, I would suggest you enter them there. For example, if you have an internal LAN IP network of 192.168.192.x with a subnet mask of 255.255.255.0, enter that as the route and use the "vpn_gateway" variable for the gateway value.


Last, click on the Advanced tab and, at the top of the configuration commands, type "--proto tcp-client"; this tells the OpenVPN software that you're a client connecting to an OpenVPN server. Now if you make your connection, after the username and password prompt you should be up and running. Please note that it takes my system about 30 seconds after the connection before things speed up; at first they seem to really lag.
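The route and protocol settings above can be checked in the resulting OpenVPN configuration before connecting. The script below is an added example, not part of the original post: it reads client config text and reports the protocol, the routes sent through the tunnel, and whether all traffic or only the listed networks would go over the VPN. The sample config is constructed, the remote host is a placeholder, and the function names are assumptions.

```python
import ipaddress

# Constructed sample config: the post's route and protocol settings written as
# OpenVPN directives. The remote host is a placeholder, not from the post.
SAMPLE_OVPN = """\
client
dev tun
--proto tcp-client
remote vpn.example.com 443
route 192.168.192.0 255.255.255.0 vpn_gateway
auth-user-pass
"""

def parse_ovpn(text):
    """Extract protocol, routes and full-tunnel status from client config text."""
    cfg = {"proto": None, "routes": [], "full_tunnel": False}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":          # blank line or comment
            continue
        parts = line.split()
        # OpenVPN accepts directives with or without the leading "--".
        key, args = parts[0].lstrip("-"), parts[1:]
        if key == "proto" and args:
            cfg["proto"] = args[0]
        elif key == "redirect-gateway":          # all traffic goes via the VPN
            cfg["full_tunnel"] = True
        elif key == "route" and args:
            # Syntax: route network [netmask] [gateway]; "default" keeps the default.
            mask = args[1] if len(args) > 1 and args[1] != "default" else "255.255.255.255"
            gateway = args[2] if len(args) > 2 and args[2] != "default" else "vpn_gateway"
            try:
                net = ipaddress.ip_network(f"{args[0]}/{mask}", strict=False)
            except ValueError:                   # hostname or keyword as network
                cfg["routes"].append((args[0], gateway))
                continue
            cfg["routes"].append((str(net), gateway))
            if net.prefixlen == 0 and gateway == "vpn_gateway":
                cfg["full_tunnel"] = True        # 0.0.0.0/0 via the tunnel
    return cfg

def tunnel_mode(cfg):
    """'full' if everything is routed via the VPN, 'split' if only listed routes are."""
    return "full" if cfg["full_tunnel"] else "split"

if __name__ == "__main__":
    cfg = parse_ovpn(SAMPLE_OVPN)
    print(cfg["proto"], tunnel_mode(cfg), cfg["routes"])
```

The result reflects only the local file; an OpenVPN server can also push routes or redirect-gateway to the client at connect time, so compare against the routing table once the tunnel is up.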

1 comment:

Bill Burcham said...

Thanks for that gateway address setting. That had me stumped and without it, Viscosity takes over the whole interface.