From UntangleWiki

All Untangle FAQs

Can I install the OpenVPN client that came with Untangle Server onto a Vista Operating System?

Yes! The OpenVPN client that Untangle bundles with the Untangle server has been upgraded for compatibility with Vista, both 32-bit and 64-bit versions. Please note, you might need to login as the administrator to the Vista machine or disable the UAC. To disable the UAC, please check out this URL: [1]

What operating systems does OpenVPN support?

OpenVPN supports the following operating systems:

• Windows 2000/XP and higher
• Linux
• OpenBSD
• FreeBSD
• NetBSD
• Mac OS X
• Solaris

I started OpenVPN and my network died. Why?

The most common cause is because the address pool assigned to VPN users is in the same address range used by LAN users. Unless your LAN uses addresses that are in the default VPN address pool, leave the VPN address pool as is. Otherwise, change the pool as needed to make sure they are different. For more information, go to Prepare To Configure Your VPN Server.

Why is the hostname not resolving for VPN users?

If you mapped a hostname to an IP address so that VPN users can access that network resource using the hostname instead of the IP address, and those users can only access the network resource using the IP address, you probably didn't select the export DNS check box when you mapped the hostname to the IP address as outlined in Mapping Computer Hostnames To IP Addresses.

What does Warning...files...no longer available... mean?

If you recieve the following message when you try to download the VPN Client:

Warning The files that you requested are no longer available, please contact your network administrator for more information

...your VPN Client key is no longer valid. Ask your Untangle Server administrator to resend the VPN Client key.

Why does OpenVPN provide a default IP address pool that is incompatible with my network?

As discussed in Configuring Untangle Server as a VPN Server, Untangle Client provides a default IP address pool (also known as virtual IP addresses). Accept the default. By design, this default IP address pool does not match your current network's IP address scheme, ensuring that remote VPN clients do not conflict with non-VPN clients on the same network.

How do I set up OpenVPN Server if my Untangle Server is behind another router?

Use port forwarding to enable users outside to connect to the VPN Server. Do the following:

1. Add a redirect or port forward from some external IP UDP port 1194 to the Untangle Server port 1194. Go to Redirecting External and Internal Traffic.
2. Configure OpenVPN to use the correct public external IP. (It may be necessary to redistribute your client configurations after making this change)

• If the hostname that looks up in DNS to the external IP, configure Untangle Server to use that hostname: Config > Administration > Public Address and specify the 'Use Hostname.'

• If you do not have a hostname that looks up externally, configure Untangle Server to use the external IP: Config > Administration > Public Address and choose 'Use a Manually Specified IP.'

If a user or site loses a secure key, how do I disable the old key and issue a new one?

When you remove a user from a VPN Site or VPN Client, you revoke that user's certificate and invalidate the key that was previously issued to that user. To permanently revoke a user's key, go to Revoking Users' VPN Access Permanently.

Can I administer an Untangle Server over a VPN connection?

Yes. To administer the Untangle Server, you must include the internal address of the system in one of the Exported hosts networks. This internal address can either be one of the following:

• A single entry that contains the IP address with a 255.255.255.255 netmask. For example, 192.168.1.1/255.255.255.255.

• An entry that contains a network that includes the IP address. For example, 192.168.1.0/255.255.255.0.

Can I use OpenVPN with my Mac OS X workstation?

Yes. OpenVPN supports many platforms including Mac OS X. You will need to install a VPN client on your Mac.

To install a Mac OS X VPN client:

1. Download the Tunnelblick client at http://www.tunnelblick.net (Release Candidate 3).
2. Unzip the download and copy the Tunnelblick application to your Applications Folder.

To configure Tunnelblick client:

1. Download VPN configuration files from Untangle Server.
2. Copy the config files to /Users/_USERNAME_/Library/openvpn

To start Tunnelblick client:

1. Execute client from the Applications folder.
2. The icon will appear in the top right corner of the Menu Bar. Click on the icon and select Connect 'office-mv'.
3. To view websites hosted inside the VPN you may need to do the following:
   1. click on "Details" in the Tunnelblick menu (see image below)
   2. check the "Set Nameserver" box (see 2nd image below)
   3. Disconnect and Re-Connect your VPN

Can I use OpenVPN on both of my WAN connections?

No. OpenVPN will only function on your primary WAN connection.