[0:00]Hello, and welcome back to our series on building a secure network with OpenSense. In this video, we'll continue our journey by configuring the OpenVPN client and server. This crucial step will allow us to establish secure remote access to our network, ensuring that our data remains protected even when accessed from outside our local environment. Before we dive into the configuration, let's briefly recap what we've covered so far. In our previous videos, we successfully installed OpenSense and performed the initial setup, including network interfaces and basic firewall rules. These foundational steps are essential for ensuring our network is properly structured and protected. Now, let's move on to the exciting part, configuring the OpenVPN server. Log in to your OpenSense web interface. Navigate to VPN, OpenVPN, and then click on Servers. Here, click the Add button to create a new server instance. For the server mode, select peer-to-peer shared key. This mode is simple to set up and provides a secure tunnel between two endpoints using a pre-shared secret key. In the description field, enter a meaningful name for your VPN server, such as OpenVPN Server. Next, configure the network settings. For the tunnel network, enter a unique subnet that doesn't conflict with your existing local networks. For example, 10.0.8.0/24. This subnet will be used for the VPN clients to communicate with each other and with the server. Ensure that the local network field is correctly set to your OpenSense LAN network, typically 192.168.1.0/24. Now, let's generate the shared key. Click the Generate a shared key button. This will create a long random string that will be used to encrypt the communication between the client and the server. Make sure to copy this key to a secure location, as we'll need it when configuring the client. Finally, click Save to apply the OpenVPN server configuration. You should now see your newly created OpenVPN server listed. With the OpenVPN server configured, let's proceed to set up the client. We'll be using a Windows client for this demonstration, but the process is similar for other operating systems. First, download and install the OpenVPN GUI client for Windows from the official OpenVPN website. Once installed, launch the OpenVPN GUI application. It will typically run in the system tray. Right-click on the OpenVPN GUI icon in the system tray and select Edit config. This will open the OpenVPN configuration folder. Inside this folder, create a new text file and name it client.ovpn. Open this file with a text editor and paste the following configuration: client, dev tun, proto udp, remote your OpenSense WAN IP or hostname, 1194. Replace your OpenSense WAN IP or hostname with the actual public IP address or hostname of your OpenSense firewall. resolv-retry infinite, nobind, persist-key, persist-tun, ca ca.crt, cert client.crt, key client.key, remote-cert-tls server, tls-auth ta.key 1, cipher AES-256-CBC, comp-lzo, verb 3. Now, for the crucial part, paste the shared key you generated earlier in the OpenSense server configuration. The key should be enclosed within the tag. Save the client.ovpn file. Now, go back to the OpenVPN GUI icon in the system tray, right-click it, and select Connect. If everything is configured correctly, you should see a notification that the OpenVPN client has successfully connected. To verify the connection, you can try accessing resources on your local network, such as a shared folder or a web server. You can also check your public IP address. It should now appear as the public IP of your OpenSense firewall. Congratulations, you have successfully configured the OpenVPN client and server, establishing a secure remote access solution for your network. In our next video, we'll explore more advanced OpenVPN configurations, including client-specific overrides and integrating with a directory service for user authentication. Thank you for joining us in this video. If you have any questions or encountered any issues, please leave a comment below. Don't forget to like this video and subscribe to our channel for more network security tutorials.