Last month, we discovered the Untangle Network Gateway. You can install it onto a PC to help protect, control, and monitor Internet access for your entire network. You can alternatively use the Windows utility if you don't want to dedicate a computer to the cause.

In the first part, we set up the machine, installed the software for the dedicated Untangle server, performed the initial configuration, and looked at the different Apps you can install. In this tutorial, we'll experiment with the OpenVPN App. We'll see how to securely network all our locations together over the Internet and how to offer secure remote access to the network from the Internet.

Setting up the OpenVPN server

Untangle supports OpenVPN's site-to-site and client-to-site configurations. Site-to-site means you can create a secure tunnel between your different offices or locations via the Internet, so you can share files and resources between them all. Client-to-site means you can offer connections to remote users, so they can securely access their files or so they can encrypt their Internet traffic from Wi-Fi eavesdroppers when they're using hotspots. We'll set up both solutions.

First, you must setup the OpenVPN server. If doing site-to-site connections, you just need to do this at one location, such as your main office. Then we'll configure another Untangle machine as a VPN client or site at the other locations. If you're offering only remote access to individuals, you can configure an Untangle machine as the server at any location. Then we'll install and configure the OpenVPN client program onto the desired computers.

Follow these steps to enable the VPN server:

1. Open the OpenVPN App by clicking the Settings button from the rack.
2. Click the Configure as VPN Server button.
3. On the welcome to the wizard page, click Next.
4. Type in your organization or company name and location information, and click Next. This is used when it creates the self-signed SSL certificates for  OpenVPN.
5. If it's okay that VPN sites or clients have access to your entire LAN or internal network, click Next. Otherwise, you can delete the default entry and add IP addresses of specific computers or servers that remote users can access.
6. On the Finished page, click Close.
7. Click Close to complete the setup.

Adding VPN sites and clients

Now you can configure the server with details for each desired VPN site or client:

1. From the OpenVPN settings, select the Clients tab.
2. Click the Add button in the VPN Clients or VPN Sites section, depending upon what you want to do.
3. On the Edit window, enter a name, change the other settings if needed, and click Update.
4. Click Save.

Next: Distributing Keys and the OpenVPN Client »