Sec504 OpenVPN Instructions for Windows 8 32-Bit

Installing OpenVPN on Windows 8 32-Bit


To install and configure OpenVPN, do the following:
  1. Go to https://labs.sans.org. From the "Downloads for Various Operating Systems" table, click on the link for "OpenVPN 2.3.4-I001-i686.exe" in the row for "Windows 8 32-Bit" and download the file.

  2. Run the downloaded "openvpn-install-2.3.4-I001-i686.exe" install file. If you get a "User Account Control" dialog, click "Yes". Accept all of the default values. If you get a "Windows Security" window asking about the "TAP-Windows Provider V9 Network adapters", click "Install".

  3. Launch a web browser and download your user specific OpenVPN configuration file (unique link provided via email). The URL is provided in the email you received that had the subject "SEC504 Virtual Lab Access". The URL is in the "User Authentication" section of the message. Save the file in your Desktop and then copy it to the C:\Program Files\OpenVPN\config folder. If you get a "Destination Folder Access Denied" pop-up, click "Continue".

Starting OpenVPN on Windows 8 32-Bit

  1. Press the Windows button and type "OpenVPN". Right-click on "OpenVPN GUI" and then click "Run as administrator" at the bottom of the screen. Click "Yes" in the "User Account Control" window if it pops up.

  2. Right-click on the "OpenVPN GUI" system tray icon and select "Connect". When the connection completes, the status window will disappear and a text buble will popup from the "OpenVPN GUI" system tray icon with the IP address that was assigned.

    NOTE: If you only have one OpenVPN config, the Connect/Disconnect options are on the main menu. Once you have two or more OpenVPN configs loaded, there will be sub-menus for each. If you have multiple configurations listed, selected the appropriate one for your current class.

  3. When prompted, enter the password for your OpenVPN key. The password is in the email.

  4. To verify that the OpenVPN connection was established, run "ipconfig" in a "Command Prompt" and look for an interface which should have a "10.10.7[5-9].x" IP address.

  5. After you see the interface, try pinging the following IP address: 10.10.0.1. This device should be pingable. Do NOT, repeat do NOT try scanning or attacking this device. This is NOT one of the Sec504 targets. You will be told what the target range is.

Common Configuration Issues

For a list of common configuration issues that we have seen, please refer to Common Configuration Issues