This article describes how to test vulnerabilities by using the OpenVPN tool.

Background information

Certain projects on the Crowdsourced Security Testing platform require that you use a VPN service when you perform testing. On the enterprise page, if certain VPN testing requirement message appears, it means that the company requires testing using a VPN. Without a VPN, your reports cannot pass the vulnerability review.

Note

OpenVPN on the Mac system may not resolve domain names correctly. We recommend that you try the following methods:

  • Directly enter the IP address to access the test target.
  • Use a Windows virtual machine to perform testing.

Procedure

  1. Click to download the OpenVPN compressed file to a local folder.
  2. Extract the compressed file.


  3. Run the openvpn-install-2.3.14-I601-x86_64.exe file to install OpenVPN.


  4. Run OpenVPN.


  5. Enter the user name and password you have received in the password.txt file and save it. The first line is the user name and the second line is the password.
  6. Modify the client.ovpn file. Add the IP address and port of the VPN server after remote. For example, remote 1.1.1.1 1194


  7. Install the ca.crt certificate file, and add the certificate to the trusted root certificates.
    Note
    You have to manually import certificates into your mobile device and PC to establish VPN connections.
  8. Save the configured ca.crt, client.ovpn, and password.txt files in the config folder of OpenVPN. For example, C:\Program Files\OpenVPN\config.


  9. Double-click the application icon in the lower right-hand corner to run OpenVPN.


    The connection is now established.