azcomputerguru/claudetools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a534a72a0f36ad80af64bbbf796058671b2ba592
claudetools/PST-VPN-Setup-Instructions.txt
Mike Swanson 6c316aa701 Add VPN configuration tools and agent documentation 
Created comprehensive VPN setup tooling for Peaceful Spirit L2TP/IPsec connection
and enhanced agent documentation framework.

VPN Configuration (PST-NW-VPN):
- Setup-PST-L2TP-VPN.ps1: Automated L2TP/IPsec setup with split-tunnel and DNS
- Connect-PST-VPN.ps1: Connection helper with PPP adapter detection, DNS (192.168.0.2), and route config (192.168.0.0/24)
- Connect-PST-VPN-Standalone.ps1: Self-contained connection script for remote deployment
- Fix-PST-VPN-Auth.ps1: Authentication troubleshooting for CHAP/MSChapv2
- Diagnose-VPN-Interface.ps1: Comprehensive VPN interface and routing diagnostic
- Quick-Test-VPN.ps1: Fast connectivity verification (DNS/router/routes)
- Add-PST-VPN-Route-Manual.ps1: Manual route configuration helper
- vpn-connect.bat, vpn-disconnect.bat: Simple batch file shortcuts
- OpenVPN config files (Windows-compatible, abandoned for L2TP)

Key VPN Implementation Details:
- L2TP creates PPP adapter with connection name as interface description
- UniFi auto-configures DNS (192.168.0.2) but requires manual route to 192.168.0.0/24
- Split-tunnel enabled (only remote traffic through VPN)
- All-user connection for pre-login auto-connect via scheduled task
- Authentication: CHAP + MSChapv2 for UniFi compatibility

Agent Documentation:
- AGENT_QUICK_REFERENCE.md: Quick reference for all specialized agents
- documentation-squire.md: Documentation and task management specialist agent
- Updated all agent markdown files with standardized formatting

Project Organization:
- Moved conversation logs to dedicated directories (guru-connect-conversation-logs, guru-rmm-conversation-logs)
- Cleaned up old session JSONL files from projects/msp-tools/
- Added guru-connect infrastructure (agent, dashboard, proto, scripts, .gitea workflows)
- Added guru-rmm server components and deployment configs

Technical Notes:
- VPN IP pool: 192.168.4.x (client gets 192.168.4.6)
- Remote network: 192.168.0.0/24 (router at 192.168.0.10)
- PSK: rrClvnmUeXEFo90Ol+z7tfsAZHeSK6w7
- Credentials: pst-admin / 24Hearts$

Files: 15 VPN scripts, 2 agent docs, conversation log reorganization,
guru-connect/guru-rmm infrastructure additions

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-18 11:51:47 -07:00

151 lines
5.0 KiB
Plaintext
Raw Blame History

PEACEFULE SPIRIT VPN SETUP - Pre-Login Auto-Connect with OpenVPN GUI
========================================================================
Files Created:
--------------
1. PST-NW-VPN-Windows.ovpn (Modified config for Windows)
2. PST-NW-VPN-auth.txt (Credentials file)
INSTALLATION STEPS:
===================
Step 1: Install OpenVPN GUI (if not already installed)
-------------------------------------------------------
1. Download OpenVPN GUI from: https://openvpn.net/community-downloads/
2. Install using default settings
3. Install as Administrator to enable system service mode
Step 2: Copy Configuration Files to OpenVPN Config Directory
-------------------------------------------------------------
You need to copy both files to the OpenVPN config directory:
OPTION A - For System-Wide Service (Pre-Login):
Copy both files to: C:\Program Files\OpenVPN\config\
Commands (Run as Administrator in PowerShell):
Copy-Item "D:\ClaudeTools\PST-NW-VPN-Windows.ovpn" -Destination "C:\Program Files\OpenVPN\config\"
Copy-Item "D:\ClaudeTools\PST-NW-VPN-auth.txt" -Destination "C:\Program Files\OpenVPN\config\"
OPTION B - For User-Level Only (Not Pre-Login):
Copy both files to: C:\Users\YourUsername\OpenVPN\config\
Step 3: Verify File Permissions (IMPORTANT for Security)
---------------------------------------------------------
The credentials file should be protected:
1. Right-click PST-NW-VPN-auth.txt
2. Properties > Security tab
3. Click "Advanced"
4. Remove "Users" group (leave only SYSTEM and Administrators)
5. Apply changes
Step 4: Configure OpenVPN Interactive Service (for Pre-Login)
--------------------------------------------------------------
1. Press Win+R, type: services.msc
2. Find "OpenVPNServiceInteractive" or "OpenVPN Interactive Service"
3. Right-click > Properties
4. Set "Startup type" to: Automatic
5. Click "Start" to start the service now
6. Click "OK"
Step 5: Connect to VPN
----------------------
OPTION A - Using OpenVPN GUI (User Interface):
1. Right-click OpenVPN GUI icon in system tray
2. Select "PST-NW-VPN-Windows" > Connect
3. Connection should auto-authenticate with saved credentials
OPTION B - Using Command Line (for testing):
Run as Administrator:
cd "C:\Program Files\OpenVPN\bin"
openvpn-gui --connect PST-NW-VPN-Windows.ovpn
Step 6: Configure Auto-Connect on Startup (Optional)
-----------------------------------------------------
To automatically connect when Windows starts:
1. Right-click OpenVPN GUI icon in system tray
2. Settings > Advanced
3. Check "Launch on Windows startup"
4. Check "Silent connection (always)"
5. In the main window, right-click the connection
6. Select "Start on Boot"
Alternative: Using Windows Task Scheduler for Pre-Login Auto-Connect
---------------------------------------------------------------------
1. Open Task Scheduler (taskschd.msc)
2. Create Task (not Basic Task)
3. General tab:
- Name: "PST VPN Auto-Connect"
- Select "Run whether user is logged on or not"
- Check "Run with highest privileges"
4. Triggers tab:
- New > At startup
5. Actions tab:
- Program: C:\Program Files\OpenVPN\bin\openvpn.exe
- Arguments: --config "C:\Program Files\OpenVPN\config\PST-NW-VPN-Windows.ovpn"
- Start in: C:\Program Files\OpenVPN\bin
6. Conditions tab:
- Uncheck "Start the task only if the computer is on AC power"
7. Click OK and enter administrator credentials
VERIFICATION:
=============
1. Check connection status in OpenVPN GUI
2. Visit https://whatismyipaddress.com/ to verify your IP changed
3. Expected IP: 64.139.88.249 (the VPN server)
TROUBLESHOOTING:
================
Connection fails:
- Check Windows Firewall allows OpenVPN
- Verify credentials in PST-NW-VPN-auth.txt are correct
- Check logs: C:\Program Files\OpenVPN\log\
Service won't start:
- Run as Administrator
- Check Event Viewer for OpenVPN errors
- Verify TAP adapter is installed (should be installed with OpenVPN)
Credential issues:
- Ensure auth file has exactly 2 lines: username on line 1, password on line 2
- No extra spaces or blank lines
- File must be in same directory as .ovpn file
KEY CHANGES MADE FROM ORIGINAL CONFIG:
=======================================
1. Removed Linux-specific lines:
- user nobody
- group nogroup
(These cause errors on Windows)
2. Added credentials file reference:
- auth-user-pass PST-NW-VPN-auth.txt
(Enables auto-login)
3. Renamed config file to indicate Windows compatibility
SECURITY NOTES:
===============
- The PST-NW-VPN-auth.txt file contains your password in plain text
- Ensure file permissions restrict access to Administrators only
- Do not share this file or commit to version control
- Consider using Windows Credential Manager for additional security
CONNECTION DETAILS:
===================
VPN Server: 64.139.88.249:1194
Protocol: TCP
Username: pst-admin
Encryption: AES-256-CBC with SHA1 auth
Gateway: Full tunnel (all traffic routed through VPN)
SUPPORT:
========
If you encounter issues, check:
1. OpenVPN logs in system tray menu
2. Windows Event Viewer > Application logs
3. Verify network connectivity to 64.139.88.249:1194
Reference in New Issue View Git Blame Copy Permalink