PEACEFULE SPIRIT VPN SETUP - Pre-Login Auto-Connect with OpenVPN GUI
========================================================================

Files Created:
--------------
1. PST-NW-VPN-Windows.ovpn  (Modified config for Windows)
2. PST-NW-VPN-auth.txt      (Credentials file)

INSTALLATION STEPS:
===================

Step 1: Install OpenVPN GUI (if not already installed)
-------------------------------------------------------
1. Download OpenVPN GUI from: https://openvpn.net/community-downloads/
2. Install using default settings
3. Install as Administrator to enable system service mode

Step 2: Copy Configuration Files to OpenVPN Config Directory
-------------------------------------------------------------
You need to copy both files to the OpenVPN config directory:

OPTION A - For System-Wide Service (Pre-Login):
  Copy both files to: C:\Program Files\OpenVPN\config\

  Commands (Run as Administrator in PowerShell):

  Copy-Item "D:\ClaudeTools\PST-NW-VPN-Windows.ovpn" -Destination "C:\Program Files\OpenVPN\config\"
  Copy-Item "D:\ClaudeTools\PST-NW-VPN-auth.txt" -Destination "C:\Program Files\OpenVPN\config\"

OPTION B - For User-Level Only (Not Pre-Login):
  Copy both files to: C:\Users\YourUsername\OpenVPN\config\

Step 3: Verify File Permissions (IMPORTANT for Security)
---------------------------------------------------------
The credentials file should be protected:

1. Right-click PST-NW-VPN-auth.txt
2. Properties > Security tab
3. Click "Advanced"
4. Remove "Users" group (leave only SYSTEM and Administrators)
5. Apply changes

Step 4: Configure OpenVPN Interactive Service (for Pre-Login)
--------------------------------------------------------------
1. Press Win+R, type: services.msc
2. Find "OpenVPNServiceInteractive" or "OpenVPN Interactive Service"
3. Right-click > Properties
4. Set "Startup type" to: Automatic
5. Click "Start" to start the service now
6. Click "OK"

Step 5: Connect to VPN
----------------------
OPTION A - Using OpenVPN GUI (User Interface):
  1. Right-click OpenVPN GUI icon in system tray
  2. Select "PST-NW-VPN-Windows" > Connect
  3. Connection should auto-authenticate with saved credentials

OPTION B - Using Command Line (for testing):
  Run as Administrator:

  cd "C:\Program Files\OpenVPN\bin"
  openvpn-gui --connect PST-NW-VPN-Windows.ovpn

Step 6: Configure Auto-Connect on Startup (Optional)
-----------------------------------------------------
To automatically connect when Windows starts:

1. Right-click OpenVPN GUI icon in system tray
2. Settings > Advanced
3. Check "Launch on Windows startup"
4. Check "Silent connection (always)"
5. In the main window, right-click the connection
6. Select "Start on Boot"

Alternative: Using Windows Task Scheduler for Pre-Login Auto-Connect
---------------------------------------------------------------------
1. Open Task Scheduler (taskschd.msc)
2. Create Task (not Basic Task)
3. General tab:
   - Name: "PST VPN Auto-Connect"
   - Select "Run whether user is logged on or not"
   - Check "Run with highest privileges"
4. Triggers tab:
   - New > At startup
5. Actions tab:
   - Program: C:\Program Files\OpenVPN\bin\openvpn.exe
   - Arguments: --config "C:\Program Files\OpenVPN\config\PST-NW-VPN-Windows.ovpn"
   - Start in: C:\Program Files\OpenVPN\bin
6. Conditions tab:
   - Uncheck "Start the task only if the computer is on AC power"
7. Click OK and enter administrator credentials

VERIFICATION:
=============
1. Check connection status in OpenVPN GUI
2. Visit https://whatismyipaddress.com/ to verify your IP changed
3. Expected IP: 64.139.88.249 (the VPN server)

TROUBLESHOOTING:
================
Connection fails:
  - Check Windows Firewall allows OpenVPN
  - Verify credentials in PST-NW-VPN-auth.txt are correct
  - Check logs: C:\Program Files\OpenVPN\log\

Service won't start:
  - Run as Administrator
  - Check Event Viewer for OpenVPN errors
  - Verify TAP adapter is installed (should be installed with OpenVPN)

Credential issues:
  - Ensure auth file has exactly 2 lines: username on line 1, password on line 2
  - No extra spaces or blank lines
  - File must be in same directory as .ovpn file

KEY CHANGES MADE FROM ORIGINAL CONFIG:
=======================================
1. Removed Linux-specific lines:
   - user nobody
   - group nogroup
   (These cause errors on Windows)

2. Added credentials file reference:
   - auth-user-pass PST-NW-VPN-auth.txt
   (Enables auto-login)

3. Renamed config file to indicate Windows compatibility

SECURITY NOTES:
===============
- The PST-NW-VPN-auth.txt file contains your password in plain text
- Ensure file permissions restrict access to Administrators only
- Do not share this file or commit to version control
- Consider using Windows Credential Manager for additional security

CONNECTION DETAILS:
===================
VPN Server: 64.139.88.249:1194
Protocol: TCP
Username: pst-admin
Encryption: AES-256-CBC with SHA1 auth
Gateway: Full tunnel (all traffic routed through VPN)

SUPPORT:
========
If you encounter issues, check:
1. OpenVPN logs in system tray menu
2. Windows Event Viewer > Application logs
3. Verify network connectivity to 64.139.88.249:1194
