VNS3 Clientpacks are unique X.509 credentials created by the VNS3 Controller used to connect client servers to the Overlay Network using the specific Overlay IP addresses you defined during the Controller initialization.
In a traditional VNS3 setup, you can distribute Clientpacks to your client servers with TLS client software (OpenVPN recommended) to create a virtual network interface and secure TLS VPN tunnel to the VNS3 Controller.
If you need to add more security for the OpenVPN file (.ovn) used with clientpacks, you can edit the file to prompt for a password every time a client VPN establishes a connection.
Create a password for your client VPN server using VNS3 clientpacks:
- Assign a clientpack to your server following the instructions on the VNS3 Config guide (https://cohesive.net/dnld/Cohesive-Networks_VNS3-4.0-Configuration.pdf)
- Download the .ovpn file from the VNS3 appliance, then open it in a text editor.
- Extract the contents from the <key> </key> section (from -----BEGIN PRIVATE KEY----- and ending with -----END PRIVATE KEY-----) to a new file, such as "unencrypted.key"
- Run the following openssl command with your .key file name:
openssl rsa -des3 -in "unencrypted.key" -out encrypted.key - Create a password when prompted.
- Copy the contents of "encrypted.key" back to the <key> </key> section in the .ovpn file (i.e. beginning with -----BEGIN RSA PRIVATE KEY----- and ending with -----END RSA PRIVATE KEY-----)
Now, whenever a client VPN server with that .ovpn file attempts to establish a connection the users will be prompted for a password. This can add a layer of security to the .ovpn file (and clientpack).