Customer VPN


The ARP Networks Customer VPN is an OpenVPN SSL/TLS based VPN with clients that run on Linux, Solaris, OpenBSD, FreeBSD, NetBSD, Mac OS X, and Windows 2000/XP.

The Customer VPN is available to customers for accessing very sensitive resources that we do not make available on the public Internet, such as our ARP Metal™ dedicated server IPMI devices.

To join, you need to do the following:

  • Install OpenVPN
  • Setup your certificate
  • Use our drop-in OpenVPN config

Installing OpenVPN


From ports:

cd /usr/ports/security/openvpn
make install clean


Install the following packages:

  • lzo-xx.tgz
  • openvpn-x.x.tgz

See Building VPNs on OpenBSD for more detailed instructions.

Linux (Debian / Ubuntu)

sudo apt-get install openvpn

Mac OS X

Simply install TunnelBlick, it is a very good front-end to OpenVPN for Mac OS X.


Download the self-installing executable file from the OpenVPN download page labeled "Windows Installer"

Alternatively, there is also an OpenVPN GUI for Windows available.

Certificate Setup

The basic steps for setting up your certificate are as follows

  • Generate a certificate that we can sign and email it to us
  • We'll sign it and send it back
  • We'll also send you an OpenVPN config file ready to use out of the box

The following is applicable to OpenVPN on all platforms, but you may find the Mac OS X and Windows versions have their own GUI tools for performing the same actions. Please refer to their documentation.

Certificate Signing Request

At a command prompt, execute the following:

openssl req -new -keyout mycert-arpnetworks.key -out mycert-arpnetworks.csr

Answer the questions as appropriate to your location and please follow these guidelines:

  • Pick a good passphrase; leaving it blank is highly discouraged
  • Use your Portal login name for "Common Name"
  • The challenge password is optional

Email with the subject "Customer VPN CSR" and attach the file mycert-arpnetworks.csr.

OpenVPN Configuration

When we process your CSR and send you the signed certificate, we will include the following files:

  • mycert-arpnetworks.crt -- Your signed certificate
  • openvpn.conf -- Complete configuration ready to use
  • ARP_Networks_Server_CA.crt -- Our Certificate Authority
  • tls-auth.key -- TLS channel key

You will want to place all these files in your OpenVPN configuration directory, which is typically:

  • Linux: /etc/openvpn
  • FreeBSD: /usr/local/etc/openvpn
  • OpenBSD: /etc/openvpn
  • Mac OS X: ~/Library/openvpn
  • Windows: C:\Program files\OpenVPN\config\

Additionally, for Windows, openvpn.conf file needs to be renamed to openvpn.ovpn

Running OpenVPN

Once the configuration and supporting files are in place, running OpenVPN is very easy, simply navigate to your OpenVPN configuration directory and execute the following as root:

openvpn --config openvpn.conf

Enter your passphrase when prompted and you should be good to go!

If everything goes smoothly, you'll be able to successfully complete:

$ ping -c 3
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=15.0 ms
64 bytes from icmp_seq=2 ttl=64 time=19.1 ms
64 bytes from icmp_seq=3 ttl=64 time=13.8 ms

--- ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms
rtt min/avg/max/mdev = 13.879/16.037/19.172/2.270 ms


As always, if you need any further help, please send us an email at or open a support issue.