i'm in the process of setting up and testing openvpn to allow road-warriors (~15 users w/ AD connected laptops) and remote workers (~5 users w/ non AD connected PCs) access to the internal network. i have everything working (openvpn on pfsense with AD authentication) but i'm looking for pointers to make the client experience simpler. here are the two major issues (so far):
- run as administrator - openvpn (i'm using openvpn-gui) needs to be run as administrator and none of our users have admin capabilities. i saw some info about setting openvpn-gui to run as a service, but, the info is about 10 years old and i'm not sure if it is still valid. is this the right path or should i be looking elsewhere for a solution?
- automatic mapping of network drives - i've tried using the
_up.bat method of running a batch file upon connecting to the VPN, but, it doesn't seem to be working (i haven't got too deep here yet). i've seen conflicting info on whether this will actually work or not!?!? what are others doing here?
oh… i’d also like to restrict this to company owned systems (iow, no installs on personal systems). i suspect i’m going to get some push back on this, but, i don’t want to be responsible for viruses that come in on poorly maintained systems… thoughts?
thanks!!!
bill
p.s. all computers (both AD connected and non AD connected) are windows 7 ent. 64bit...