Wednesday, April 14, 2010

Up and running with Adito (OpenVPN ALS) VPN solution

Just recently I've had the opportunity to install the VPN server software Adito, now known as OpenVPN-ALS, and I find this piece of software to be very impressive. Adito is what is known as a clientless system, which means that no additional client software needs to be installed to connect to the server (you use any web browser as the client). It is based on SSL-Explorer, a once open source project that utilizes SSL technology to establish its VPN tunnels. Adito works similarly, with SSL being the very gut of its VPN system. The project also utilizes Java, making it quite universal in the sense that it can be installed on Windows, Linux or a Mac. Because it works over HTTPS you can access your files securely from almost anywhere.

Installing on a Linux system:
(System used: BackTrack 4)

NOTE: The following steps were taken from http://jaredheinrichs.com/how-to-install-adito-on-ubuntu-linux.html

# sudo apt-get install default-jre icedtea6-plugin openjdk-6-jdk
(If this doesn't work, you may optionally try to install the sun-java6-bin, sun-java6-jdk, sun-java6-plugin and sun-java6-jre packages.)
# sudo apt-get install ant
# sudo wget http://superb-east.dl.sourceforge.net/sourceforge/adito/adito-0.9.1-bin.tar.gz
(This link might be broken, so you may need to find the updated path for the download.)
# sudo mv adito-0.9.1-bin.tar.gz /opt/
# cd /opt
# sudo tar -zxvf adito-0.9.1-bin.tar.gz
# cd adito-0.9.1
# sudo ant install

This should start up the webserver on port 28080 on localhost.

Open Browser on your local machine and go to: http://127.0.0.1:28080
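
The setup wizard is served over plain HTTP on port 28080, so it is worth confirming that the port really is bound to loopback only before typing the keystore passphrase and super user password into it. The following is an added example, not part of the original post or of Adito; the function name bind_scope is hypothetical and the sample netstat lines are constructed.

```shell
#!/bin/sh
# Added example: classify how a TCP port is bound, reading `netstat -ltn`
# or `ss -ltn` output on stdin. In both tools the local address is the 4th
# whitespace-separated column.
# Prints one of: loopback | all-interfaces | specific | not-listening
bind_scope() {
    awk -v port="$1" '
        {
            addr = $4
            n = match(addr, /:[0-9]+$/)        # split "addr:port" at the last colon
            if (n == 0) next                    # header or non-socket line
            if (substr(addr, n + 1) != port) next
            host = substr(addr, 1, n - 1)
            gsub(/\[/, "", host)                # ss prints IPv6 as [::1]
            gsub(/\]/, "", host)
            if (host == "0.0.0.0" || host == "*" || host == "::")
                wide = 1                        # wildcard bind, reachable from the network
            else if (host ~ /^127\./ || host == "::1")
                loop = 1                        # loopback only
            else
                other = 1                       # one specific interface address
        }
        END {
            if (wide)       print "all-interfaces"
            else if (other) print "specific"
            else if (loop)  print "loopback"
            else            print "not-listening"
        }'
}

# Constructed sample: the wizard port on loopback only, SSH on all interfaces.
SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:28080         0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN'

printf '%s\n' "$SAMPLE" | bind_scope 28080
```

On the server itself, pipe live output into the function, for example `netstat -ltn | bind_scope 28080`. A result of all-interfaces or specific means the wizard can be reached from other hosts over unencrypted HTTP.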

Create New Certificate

Step 1 – Set Keystore Passphrase – Type password twice for Cert
Step 2 – Create New Certificate – Fill out Form
Step 3 – Configure User Database – Built-in
Step 4 – Configure Super User – Fill out Form
Step 5 – Configure Web Server – Leave defaults
Step 6 – Configure Proxies – Leave blank unless you use proxy – Hit Next
Step 7 – Summary

Install Complete
Go Back to the Ubuntu CLI (Command line interface)
# sudo ant install-service
(This sets up the system so you can manage it from /etc/init.d with the usual start|stop|restart commands.)
# sudo ant start

For installing on windows, please see: http://lars.werner.no/?page_id=153


NOTE: When using BackTrack 4 to connect to the VPN server, I ran into issues with the Java run-time not being initialized in Firefox. This may be the case with other Linux distros as well. To get this working I needed to create a symbolic link to the Java run-time plug-in file in my hidden "/root/.mozilla/plugins" directory (in other cases it would be in the user's home directory). The plugins directory might not be there, as Mozilla probably doesn't have any plug-ins installed as of yet, so I went ahead and created that directory.

# cd /home/user_dir/.mozilla
# mkdir plugins
# cd plugins
# ln -s /usr/lib/jvm/java-6-sun-1.6.0.10/jre/plugin/i386/ns7/libjavaplugin_oji.so

Or, if the above doesn't work:

# cd /usr/lib/firefox-dir/plugins
# ln -s /usr/lib/jvm/java-6-sun-1.6.0.10/jre/plugin/i386/ns7/libjavaplugin_oji.so

Restart Firefox and all should be well.

Resources / Good Reading:
http://jaredheinrichs.com/how-to-install-adito-on-ubuntu-linux.html
http://sourceforge.net/projects/openvpn-als/
http://www.sohoadvisers.com/tutorials/adito-ssl-vpn/installing-adito-ssl-vpn
http://lars.werner.no/?page_id=153

4 comments:

  1. Nice article. I was recently looking into setting up OpenVPN to work with PFsense, but I think I will try this option first.

  2. ermmmm....

    "Open Browser on another machine and go to: http://127.0.0.1:28080"

    Going to that address from another machine will not open that URL since 127.0.0.1 is the loopback on the local machine.

  3. Thanks for the correction. My bad on the typo. Fixed and updated the post.

  4. In step 4, when I leave the defaults and try to click on next, the setup wizard stays stuck in step 4 instead of moving on to step 5.

    Any ideas as to what is wrong and how to fix it?
