Connect using a Windows client application
The following procedures show how to establish a VPN connection using Windows-based VPN clients.
Before you begin, ensure that your Client VPN administrator has created a Client VPN endpoint and provided you with the Client VPN endpoint configuration file.
For troubleshooting information, see Windows troubleshooting.
Important
If the Client VPN endpoint has been configured to use SAML-based federated authentication, you cannot use the OpenVPN-based VPN client to connect to a Client VPN endpoint.
OpenVPN using a certificate from the Windows Certificate System Store
You can configure the OpenVPN client to use a certificate and private key from the Windows
Certificate System Store. This option is useful when you use a smart card as part of
your Client VPN connection. For information about the OpenVPN client cryptoapicert
option, see Reference Manual for OpenVPN
Note
The certificate must be stored on the local computer.
To use the cryptoapicert option with OpenVPN
-
Create a .pfx file that contains the client certificate and the private key.
-
Import the .pfx file to your personal certificate store, on your local computer. For more information, see How to: View certificates with the MMC snap-in
on the Microsoft website. -
Verify that your account has permissions to read the local computer certificate. You can use the Microsoft Management Console to modify the permissions. For more information, see Rights to see the local computer certificates store
on the Microsoft Technet website. -
Update the OpenVPN configuration file and specify the certificate by using either the certificate subject, or the certificate thumbprint.
The following is an example of specifying the certificate by using a subject.
cryptoapicert “SUBJ:Jane Doe”
The following is an example of specifying the certificate by using a thumbprint. You can find the thumbprint by using the Microsoft Management Console. For more information, see How to: Retrieve the Thumbprint of a Certificate
on the Microsoft Technet website. cryptoapicert “THUMB:a5 42 00 42 01"
After you complete the configuration, you use OpenVPN to establish a connection.
OpenVPN GUI
The following procedure shows how to establish a VPN connection using the OpenVPN GUI client application on a Windows computer.
Note
For information about the OpenVPN client application, see Community Downloads
To establish a VPN connection
-
Start the OpenVPN client application.
-
On the Windows taskbar, choose Show/Hide icons, right-click OpenVPN GUI, and choose Import file.
-
In the Open dialog box, select the configuration file that you received from your Client VPN administrator and choose Open.
-
On the Windows taskbar, choose Show/Hide icons, right-click OpenVPN GUI, and choose Connect.
OpenVPN Connect Client
The following procedure shows how to establish a VPN connection using the OpenVPN Connect Client application on a Windows computer.
Note
For more information, see Connecting to Access Server with Windows
To establish a VPN connection
-
Start the OpenVPN Connect Client application.
-
On the Windows taskbar, choose Show/Hide icons, right-click OpenVPN, and choose Import profile.
-
Choose Import from File and select the configuration file that you received from your Client VPN administrator.
-
To begin the connection, choose the connection profile.