OpenVPN using OS X (Mac): Tunnelblick

Document technical information

Format pdf
Size 1.2 MB
First found Nov 13, 2015

Document content analysis

Language
English
Type
not defined
Concepts
no text concepts found

Transcript

Geschäftsbereich IT
h
Auc sche
t
deu vors
l
a sion
Ver anden
h
Ownership | Business Function IT, Charité | Networks Dept. | Tel. +49 30 450 575 444 | Fax +49 30 450 570 962 | [email protected] | Rev. 1.12 | Latest update: 10/2014 | Translation: Farina Boltersdorf
OpenVPN using OS X (Mac): Tunnelblick
The Charité VPN service is based on the OpenVPN which is available for a multitude of operating systems. Tunnelblick is used
on the OS X.
The following instructions are based on the Mac computer
using OS X 10.8.5 (Mountain Lion). Tunnelblick runs on operating systems starting with OS X 10.4 (Tiger).
Downloading the Programme and
Installation
After your VPN request has been processed, you will receive
a confirmation mail with various links to software and documentation as well as a second email with a zip file containing your personal VPN certificate and a configuration file
(used for Windows or OS X). Please note the instructions
regarding the password from the access notification:
☞For employees/students the email password is your VPN
password.
☞ Everybody else: you need to set your password on
(https://zugang.charite.de) before your first login attempt.
Fig. 1 Tunnelblick site
Using your web browser (Safari or Firefox) call up the Tunnelblick site http://www.tunnelblick.net and click on the green
arrow Downloads. Choose the programme you find in the
section Tunnelblick stable Release, fig. 1. The programme is
stored and displayed as an open disk image on your desktop,
fig.2.
Fig. 2 Tunnelblick package after download
CHARITÉ - UNIVERSITÄTSMEDIZIN BERLIN
Eine gemeinsame Einrichtung der Freien Universität Berlin und der Humboldt-Universität zu Berlin
OpenVPN using OS X: Tunnelblick
– Page 2/4
Geschäftsbereich IT
Ownership | Business Function IT, Charité | Networks Dept. | Tel. +49 30 450 575 444 | Fax +49 30 450 570 962 | [email protected] | Rev. 1.12 | Latest update: 10/2014 | Translation: Farina Boltersdorf
Setting up the programme and configuration
Tunnelblick carries out the installation when you double-click the icon
in disk image as requested, fig. 2. Then as is usual for OS X, a warning
appears for programmes downloaded from the Internet, fig. 3. Confirm
this with Öffnen (open) and the next window appears. You have to
enter a local user name with administrator privileges, fig. 4, not your
Fig. 3 Warning before first start
OpenVPN user name! In a few seconds, the installation is complete
and the window as in fig. 5
appears. Now let Tunnelblick
run (Ausführen), as only
then can the installation be
completed. Should you have
Fig. 5 Start after installation
mistakenly clicked Beenden
(exit), Tunnelblick can also
be re-started from the folder
Programme and continued
Fig. 4 Installation confirmation
from the same point. Now the
Tunnelblick configuration data is required, fig. 6, which you received as a zip attachment. Depending on the email programme
used (Apple Mail or Outlook) when you double-click on the email programme the zip file is unzipped and stored as a folder in
a particular place. Fig. 7 shows Apple Mail and
the unzipped folder. Now double-click on the
file charite.ovpn to install the configuration.
Should this not work properly you can rightclick charite.ovpn, choose Öffnen mit… (open
with…) and execute it by Tunnelblick.
Fig. 6 Install configuration
Abb. 7 Email with zipped file and temporary folder with unzipped file
OpenVPN using OS X: Tunnelblick
– Page 3/4
Ownership | Business Function IT, Charité | Networks Dept. | Tel. +49 30 450 575 444 | Fax +49 30 450 570 962 | [email protected] | Rev. 1.12 | Latest update: 10/2014 | Translation: Farina Boltersdorf
Geschäftsbereich IT
You will be asked if the configuration should be available to all
users (Alle Benutzer) or just the current user (Nur für diesen Benutzer), fig. 8. Choose the latter one.
To install the configuration You have to enter a local user name
with administrator privileges, fig. 9, not your OpenVPN user
name! The installation will only be
successful, if the file
client.p12 is located
in the same directory as charite.ovpn.
Usuallly this will be
true, because you received both as one zip
archive. If client.p12
is not found an error
Fig. 9 Installation confirmation
results, fig. 10.
Fig. 8 Configuration for actual user only
Abb. 10 certificate file not found
Connection to the Charité network
Tunnelblick is running and ready for use. It has also installed itself as Login Item (Anmeldeobjekt)
in your Account (Systemeinstellungen ➙ Benutzer ➙ Anmeldeobjekte), i.e. Tunnelblick ist started
automatically whenever you log in to OS X.
Fig. 11 Drop-down menu
The programme start is relatively unspectacular: the gray tunnel icon appears on the top right of the menu bar, fig. 11.
Click on the icon and a drop-down menu allows you to make
a connection. Please note: Should you have problems using
Tunnelblick please send us the programme report that appears
in the VPN Details… window, fig. 12. Only then can the VPN
administrator understand the problem and help you.
Fig. 12 Details window (short version)
Now choose „charite” verbinden from the drop-down menu to connect with the
Charité network. Tunnelblick then requires authentification by user name and password, fig. 13. Use the information provided to you by email: your standard user
name in the Charité and the appropriate VPN password.
If the authentication is accepted, the tunnel symbol
in the menu bar changes to a black silhouette after a
blinking phase, fig. 14. You are now connected to the
Charité network.
Abb. 13 OpenVPN registration
Abb. 14 Connection OK
OpenVPN using OS X: Tunnelblick
– Page 4/4
Geschäftsbereich IT
Ownership | Business Function IT, Charité | Networks Dept. | Tel. +49 30 450 575 444 | Fax +49 30 450 570 962 | [email protected] | Rev. 1.12 | Latest update: 10/2014 | Translation: Farina Boltersdorf
Working with the Charité network
Your Mac is now connected to the virtual Charité network. As for all computers in the Charité network the Charité proxy has
to be used for internet access. This of course is only possible as long as you are connected to Tunnelblick. The Firefox browser
has always had the ability to recognise whether a proxy is to be used and where to find it at the start of the programme.
The appropriate Firefox setting is »Die Proxy-Einstellungen für dieses Netzwerk automatisch erkennen« and can be found under
menu Firefox and then Einstellungen ➙ Erweitert ➙ Netzwerk . There you click Einstellungen.
Safari has a similar function from OS X 10.6 (Snow Leopard) onwards. Should you be using an older OS X version, you have
to help yourself using different Umgebungen or use Firefox. You will find the settings in Safari under Einstellungen ➙ Erweitert ➙ Proxies. It is actually a OS X function as Systemeinstellungen ➙ Netzwerk is opened. Click the option »Automatische ProxyEntdeckung«, fig. 14. You can now, without having to switch, surf with or without Tunnelblick. If you would like to fix the
proxy setting within the Charité net, use the option »Automatische Proxy-Konfiguration« found at the same place and under
Konfigurationsdatei type in http://proxy.charite.de, fig. 15.
Important hint: The browser is retrieving the automatic proxy configuration on startup only. This means that you need
to restart the browser after connecting or disconnecting from the VPN!
Fig. 14 Automatic proxy recognition
Fig. 15 Charité-Proxy system settings
Testing the OpenVPN Connection
http://vpntest.charite.de provides a one-stop web service to check if the VPN connection is working properly. Three green dots
indicate a fully operational VPN, fig. 16. In case of errors you’ll bei given hints on what might be wrong and how to fix it.
Fig. 16 Website http://vpntest.charite.de

Similar documents

×

Report this document