 |
|
|
 |
||
|
|
Personal |
|
|
Academic |
|
|
Projects |
|
|
Resources |
|
|
Emacs |
|
|
VPN on OS X |
 |
 |
OpenVPN on OS X |
|
|
Kerberos |
|
|
Contact |
Running OpenVPN on Mac OS X
This page describes how to install and run OpenVPN on Mac OS X 10.2.x. The instructions for Mac OS X 10.1.x have been archived on a separate page.
The tunnel kernel extension
First of all, you'll need the tunnel kernel extension, version 1.2.1 or later. Install the extension in /System/Library/Extensions and the startup item in /Library/StartupItems, as detailed in the included instructions. If you don't want to load the extension manually, reboot after installation to load it through the startup item.
Building OpenVPN
Obtain OpenVPN (1.3.2 was current at the time of writing) from http://openvpn.net/ and unpack the tarball. OpenVPN comes with a standard configure script, but you must first figure out some parameters to pass to it. OpenVPN has two prerequisites, OpenSSL for encryption and LZO for real-time compression.
With Mac OS X 10.2, OpenSSL is no longer a problem since Apple finally managed to include headers. The configure script will locate and use them automatically.
Next up is LZO. If you don't want real-time compression, you can just
disable it with
Once you have this worked out, run the configure script
with your parameters, then do a make and a
./configure --disable-lzo make make install
If you're not root already, use
Running OpenVPN
Running OpenVPN on Mac OS X is not much different from other Unix flavors. I suggest that you read the official documentation first. Here are some Mac OS X specific tips:
- If in doubt, pretend that you're running OpenBSD, not Linux.
- The --ifconfig option works since OpenVPN 1.2.1. However, if you're accessing a remote network (not just a single host), you need an "up" shell script to set the appropriate static routes.