OpenVPN - Setup macOS Client

Via the next script you can create the needed OpenVPN configuration file for the client with using the OpenVPN APP TunnelBlick on macOS.

------------------------------------------------------------------------------------------------------------------------

export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
DATE=`date +%d-%m-%Y\ %H:%M`
MSDATE=`date +%Y-%m-%d\ %H:%M:00`


if [ -n "$1" ]
then
export CLIENT="$1"
if [ ! -f /etc/openvpn/${CLIENT}.crt ]
then
echo "You specified a non existing client name : $1"
echo "Exit..."
exit
fi
else
export CLIENT=Client1
fi

cd /root/
mkdir openvpn-profiles 2>/dev/null
WORKDIR=/root/openvpn-profiles
cd ${WORKDIR}

#
# Start from here with generating the needed profiles...
#

 

# 3rd Profile used by MacOS PC/Laptop
#
# MacOS X Client
#

if [ -f /etc/openvpn/${CLIENT}-MAC.crt ]
then

export OVPN=${WORKDIR}/${CLIENT}-MAC.conf

> ${OVPN}
echo "client" >> ${OVPN}
echo "dev tun" >> ${OVPN}
echo "proto tcp" >> ${OVPN}
echo "remote <Your Domain/Servername> <Your configured portnumber>" >> ${OVPN}
echo "resolv-retry infinite" >> ${OVPN}
echo "nobind" >> ${OVPN}
echo "remote-cert-tls server" >> ${OVPN}
echo "cipher AES-256-CBC" >> ${OVPN}
echo "auth SHA512" >> ${OVPN}
echo "auth-nocache" >> ${OVPN}
echo "tls-version-min 1.2" >> ${OVPN}
echo "tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256" >> ${OVPN}
echo "persist-key" >> ${OVPN}
echo "persist-tun" >> ${OVPN}
echo "mute-replay-warnings" >> ${OVPN}
echo "verb 0" >> ${OVPN}
#echo "set CLIENT_CERT 0" >> ${OVPN}
echo "ca ca.crt" >> ${OVPN}
echo "cert ${CLIENT}-MAC.crt" >> ${OVPN}
echo "key ${CLIENT}-MAC.key" >> ${OVPN}

mkdir /tmp/OSX${CLIENT}
cp -p ${OVPN} /tmp/OSX${CLIENT}/
cp -p /etc/openvpn/ca.crt /tmp/OSX${CLIENT}/
cp -p /etc/openvpn/${CLIENT}-MAC.crt /tmp/OSX${CLIENT}/
cp -p /etc/openvpn/${CLIENT}-MAC.key /tmp/OSX${CLIENT}/
cd /tmp
mv OSX${CLIENT} OSX${CLIENT}.tblk
tar cvf ${CLIENT}.tar OSX${CLIENT}.tblk >/dev/null 2>&1
mv ${CLIENT}.tar ${WORKDIR}/${CLIENT}-MAC.tar

 

echo "OpenVPN MACOSX ${CLIENT}" | mail -A ${WORKDIR}/${CLIENT}-MAC.tar -s "OpenVPN MACOSX ${CLIENT} : Extract tar file in a folder and double click on the folder with .tblk for client VPN profile to load in TunnelBlick" <E-mail Address Client User>

#rm ${CLIENT}.tar

rm ${OVPN}
rm -rf /tmp/OSX${CLIENT}.tblk

fi

  If you like my website, feel free to donate via the Paypal button. Thank you!