 |
|
|
 |
||
|
|
Personal |
|
|
Academic |
|
|
Projects |
|
|
Resources |
|
|
Emacs |
|
|
VPN on OS X |
|
|
OpenVPN on OS X |
|
|
Kerberos |
|
|
Contact |
Running OpenVPN on Mac OS X
This archived page describes how to install and run OpenVPN on Mac OS X 10.1.x. If you're looking for up-to-date information of Mac OS X 10.2, check out the current page.
The tunnel kernel extension
First of all, you'll need the tunnel kernel extension, version 1.1.0. Install it in /System/Library/Extensions and create a StartupItem to load it at system startup.
Building OpenVPN
Obtain OpenVPN version 1.2.0 or later from http://openvpn.net/ and unpack the tarball. OpenVPN comes with a standard configure script, but you must first figure out some parameters to pass to it. OpenVPN has two prerequisites, OpenSSL for encryption and LZO for real-time compression.
First, OpenSSL. While it is possible to build OpenVPN without
OpenSSL, you'd loose any encryption capability. Apple ships the
OpenSSL libraries with Mac OS X, but unfortunately they left out the
headers required to compile programs. There are several ways to get
useable headers; the Fink
openssl package is one of them. In this case, add
Next, LZO. If you don't want real-time compression, you can just
disable it with
Once you have this worked out, run the configure script
with your parameters, then do a make and a
./configure --with-ssl-headers=/sw/include --disable-lzo make make install
If you're not root already, use
Running OpenVPN
Running OpenVPN on Mac OS X is not much different from other Unix flavors. I suggest that you read the official documentation first. Here are some Mac OS X specific tips:
- If in doubt, pretend that you're running OpenBSD, not Linux.
- The --ifconfig option doesn't work on Mac OS X. (As of OpenVPN 1.2.0, that is.) You'll need an "up" shell script that runs at least ifconfig and possibly also route.
- ifconfig doesn't need the pointopoint word, like in OpenBSD.