VIP-ire;
When I was settingup the certificates, it asks for an email address. What is the significance of this? I do not have mail running off my server so an "internal" address won't work if it actually needs to do anything. I can give it a working address but from my ISP that I should get if the server needs to send anything.
Let me know. Thx in advance.
Ian
Well, the mail address is just a required field for a X.509 certificate. You can put the address you want, not necessary a mail account of this server. You can enter anything you want.
a) The bridge interface. Is this the name of the nic on the internet side of my server. As I recall when I set this up, it should be eth1.
b) Tap Interface is a software construct so I will leave this alone. (?)
No, you shouldn't have to change the 3 interfaces, I just put this in the panel for some specific configurations but, most of the time:
the bridge interface is br0 (it's a virtual interface in which we will enslave the 2 others)
the local interface to be bridge is the interface of your local network, not the internet side one. it's normally allways eth0
the Tap interface is the virtual interface of the VPN, it's always tap0
c) I picked authentication method 5 but did not get a place to enter username/password. Did I miss something?
When you choose a method with login/passwords, it refers to the login/passwords of the differents users accounts.
d) A bit confused by the "Do you want to use your server as default gateway..." I am using only one server that is in gateway and server mode. I will vpn in from the outside using client machine, so the answer to this is yes (?). I am not sure how to answer the Redirect Gateway question. I picked disabled but is this correct.
If redirect the gateway is enabled, that means that when a client connect to your server via VPN, your VPN server will become his default gateway, so all the communications of the client will pass through the VPN.
Which of the three files is the generated config file or did I miss something.
None of this 3 files is the configuration file, these are the certificates and the private key of the client (which are needed by the authentication method you choose). To view the configuration file, go in the certificate manager and click on the 'display' link of the certificate of the client you wan't, you will see the configuraiton file and that you need to do then is to copy/past these lines to the vpn.ovpn file.
Hope this will help you