OpenVPN Enabler for Catalina

This is a test project, to learn about setting up the OpenVPN Server on the Mac. This is not of commercial quality. Please use at your own risk. I would probably not be able to offer support.

This app only runs on macOS Catalina. Note: You may need to turn on port forwarding for port 1194 on the router for OpenVPN.


Step 1. SETTING UP THE SERVER


There are two panels — Server and Client. You use the same app to set up both the server and the client on the Mac. Unlike using VPN Enabler (which works simply with Apple’s built-in VPN client in Network Preferences), you need an app set up the OPen VPN client. 

Use the Suggest IP Addresses button to set up suitable values for your server’s local network. Use 8.8.8.8 for the DNS Server. (i’m still learning about how best to set this up).

Hit the Start OpenVPN button.

VPNEnabler.png

Step 2. STARTING THE SERVER


After you hit the Start OpenVPN button, you will see that a profile called Client-1 is automatically generated. You use this profiloe to set up the OpenVPN client.

VPNEnabler.png

Step 3. EXPORTING THE PROFILE


Export this profile (click on its name and the button will be enabled) and copy it to the OpenVPN client to set up the client server connection. You can use the same profile for any number of clients (not so secure but we start with this because it’s simpler).


After you’ve hit the Export Profile button, look for this file, wherever you have saved it :


VPNEnabler.png

Copy this profile to the Mac or iOS device, either through AirDrop or through email or any other means.


Step 4. SETTING UP THE CLIENT

1. If the client is an iOS device — except for one extra step, connecting to an OpenVPN Server from an iOS device is almost like what we did with the old Mojave VPN Server. Copy the above profile to the iOS device and install it in Settings. The extra step is that we need an app on the iOS device. For iOS, I didn’t write an OpenVPN client app because the one provided by OpenVPN suffices. Download it from their website. (https://apps.apple.com/us/app/openvpn-connect/id590379981) You don’t even need to open it or look at it. You just need to have it sitting on your iOS device. You launch the mobileconfig profile the usual way, by launching it from Settings or hitting the VPN button in Settings. Then watch if the VPN button shows it’s connected. (Hopefully).

2. If the client is a Mac — now we need an app. The OpenVPN app for MacOS is very Windows-centric. And so I wrote a Mac OpenVPN client and merge it in the same app as the one that enables the Server. Use the same OpenVPN Enabler app in the targetted client Mac, but use the Client tab. Drag the exported mobileconfig file onto a “well” just below the Start OpenVPN Client button.Once the file is dropped on the well, the OpenVPN Client app will extract out the client parameters from the profile ands set up the VPN client config. Then you’re reay to hit the Start OpenVPN Client button.


Once it is started the button turns green.

VPNEnabler.png


Step 5. TESTING THE CLIENT


Use Safari. Load the website : “http://checkip.dyndns.com”. 

Without the VPN turned on, it will show your “true” IP address — the network yuor Mac or IOS device is connecetd to. But with the VPN turned on, it will show you the IP address of the OpenVPN Server. So on both the IOpenVPN Server mchine and on the client, you do the same thing : load check-up.dyndns.com. Compare the IP addresses returned – if they are the same, then you’ve successfully connected back to your VPN.

You can also try pinging other machines on your local network, where your VPN Server is. You ping using the local private IP addresses the VPN Server is on. (I can reach other machines on my remote local network via their IP addresses, and I can log in to them via File Sharing and do ssh, etc, but I can’t reach my VPN server machine by its local IP address. I can only reach it by the virtual 10.8.0.1 address that the VPN sets up. So, still so much to learn).

Try it. But again, I can’t offer support :)

De-Install : you can remove everything the usual way in all my Enabler apps. And Option-Click to stop the server.


Release Log

1.0 October 31st 2019. OpenVPN Enabler for Catalina released. 

1.0.1 November 2nd 2019. Added a port number field. Added the ability to enter Custom OpenVPN Parameters (experimental). And the Log Panel now also shows the state of the current server.conf configuration file.

1.0.2 November 4th 2019. Some bug fixes

1.0.3 November 7th 2019. Forgot to include the ssl libraries ! For the people who are already using my other “enabler” apps for Catalina, they would already have the ssl libraries installed. But for those who have only installed this OpenVPN Enabler, the lack of the ssl library would have prevented the openvpn binary from running. This version corrects that problem. Just launch the app. If the ssl lib isn’t found, the app will install it. You don’t have to do a de-install. Do a Restart OpenVPN, and this time, it should work and you should find that the OpenVPN Log shows that OpenVPN did run.


Download

OpenVPN Enabler for Mojave

OpenVPNEnablerForCatalina.zip

The latest version is 1.0.3

Please check out the Release Log


Contact
Bernard Teo


This solution may not work as well as, or as conveniently as, the built-in vpnd on Mac OS Mojave because it needs an addtional piece of software on the client —

• for iOS, you need to download the iOS client app from openvpn.net (scroll down that page until you see the download link for the iOS app). But you just need to have the app on the iOS device. You don’t even need to open the app. You only need the profile generated by OpenVPN Enabler to be installed in iOS Settings, like in VPN Enabler.

• for the Mac, you run the same OpenVPN Enabler app on the client, as on the server, but in “client” mode. You copy over the profile generated by OpenVPN Enabler to set up the client automatically.

OpenVPN Enabler 
How To Videos :