Adito (Now called OpenVPN ALS)

 

Help me to help you
By buying a cert together Adito will be alive much longer!
Please see this post to understand and how to donate!

About

Adito is an open-source, browser-based SSL VPN solution. It’s a remote access solution that provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser.

Background

This is the open-source clone of SSL-Explorer after it went biz-o-matic.

Windows installer (download links below)

My contribution to this project is a Windows-installer, check old version here, if you are looking for the updated SVN-version download here

Please note that the SVN-version is only supported on Java run time 1.8! Older version require Java run time 1.7 or older.

Step-by-step guides

There are now three guides written by me on the topic.

  1. Scroll down on the installer page for installation-tips

  2. Scroll down on this page for a simple demonstration of a port-forward

  3. NEW! Practical RDP guide here

  4. Read the guide on running the Java 7 version 51

What the buzz about?

Pictures says more than words so please take a look in the pictureseries with description below.

You are first presented with a login window:

Login window

After successfully logging in you are at the main window

Main Window

Usally the SSL Tunnel are common used. This technique open a port locally and forward it throught the server and to your destination.

In this example we create a port forwarding on port 4040 locally requests to google.com on port 80 (www-default-port)

Create SSL Tunnel

After the creation we start the Agent. This is the software you run in the remote location straight from the browser. Since it uses default-java you would find access almost everywhere.

My rule is; if you can connect to your bank you can use Adito šŸ˜‰

Agent launching

When it has launched you got a new little man-like icon in your sys-tray

Agent in systray

By right-clicking on the agent you will find items you have configed on the server. In our case the tunnel “Test” is available

Agent options

When the tunnel is activated the agent notify you and we are ready to use it

Agent SSL Tunnel open

Now for some magic šŸ™‚ Connect to google through your server

Surfing through SSL Tunnel

As you can see this is pretty easy to use and manage a great product!

Check out the new guide on setting up RDP here

 Posted by at 13:51:53

  133 Responses to “Adito (Now called OpenVPN ALS)”

  1. HI guys..please help me with this..i install the adito successfuly,but my prolem is the port forward part.i did port forward the 443 and open windows/3rd party firewall,.ive done so many port forwarding w/ out any trouble..but for some reason adito wont work behind the router.

    router:att 2wire
    firewall:windows
    OS:windows xp

    thank you

  2. Hi Lars,

    At first, Thanks for the application and effort you have done.

    I am now trying to enter the system but forgot the password.
    After trying few times, the message comes up and told me that account has been locked.
    Is there any way to unlock my account from local?

    Or, is there any other ID which can use for administrator login?
    e.g., Administrator, root.etc

    Your help would be greatly appreciated.

  3. Hmm.. reading my post is sad.. misspelling and confusing info..
    I would like to star ta program calles superoffice on a server and have it pop in a browser window.. so any help would be appreciated! ..

  4. Good morning Lars.
    I use Adito to as a sys adm, lookng after my servers from where ever I am. It works great!! šŸ™‚
    Now I would like to start a program om a server that is called superoffice. I’d like to open it in a browser window. I have tried a few setups , but can’t seem to break the “code” and get it running. Any suggestions would be appreciated!

  5. Thanks for a great page on this. Just needed it to jog my memory. Was running .91 on ubuntu but someone my user database was messed up.

  6. Unfortunately not, I am using a self signed certificate.

  7. ranj:
    Do you have a valid cert on your installation?

  8. looks like Ironport proxy is able to detect the Adito trying to get through on port 443. Is it possible for Adito to get through Ironport proxy in some way?

  9. KK20:
    I would never use Adito “in production”… That is just a tool for you to get through every possible firewall known šŸ™‚

  10. Since I moved my servers to 2008 over the summer I have now gone back to webdav as 2008 webdav is a lot more configurable than the old 2003 “webdav the lot” option. Since my clients all run a map drive script it will work in XP or W7. It was easier to create a VPN via ISA again and make a dialup script for remote users as educating them how to use adito was a pain (users eh?). Still, I had a lot of fun setting adito up and it worked a treat in the end.

  11. KK20 & other that hate the timeout!

    I found a easy solution for the timeout-problem people have with the adito client shutting down after.

    This is actually the session stored in the webbrowser, so if you use firefox (like I do) just do this:

    Rightclick on page and select Reload Every -> 2 minutes.

    That kept me signed in whole day@work šŸ™‚

  12. Marius:
    No, nobody has translated the pages into German as far as I know. But check this wiki out: http://sourceforge.net/apps/trac/openvpn-als/wiki/translating

    If you actually do translate, please share with others. I can host it here šŸ˜‰

  13. Hi Lars

    Thanks to your work I got up and running the SSL-VPN Server on WinXP very well in just a few minutes! Now I like you to ask, if you know someone who translated the pages to german?

    I try to find out how to do, but as I am no programmer, I gave it up after 3 hours of searching through the files…

    Any help is appr.

    regards,
    Marius

  14. large,
    I use ClarkConnect as my Gateway on the ESXi box. I am in the process of installing ClearOS 5.2 as a standalone ESXi image as I type this. Once I find that stable on my hardware, I will take the ClarkConnect off-line and change the ClearOS install to a Gateway configuration.

    The process is pretty straightforward, so I am not sure there is much value in creating the ClearOS ESXi image. The iso image is uploaded to the ESXi datastore and then the new virtual machine is configured to boot from this iso image.

    Now if you are asking for a ClearOS 5.2 configured with OpenVPN ALS/Adito, I don’t think I would do it that way. I like to use OpenVPN and OpenVPN ALS/Adito sharing the 443 port. I am not sure how one would do that on the same machine.

    With ESXi, it is much easier for me to create very small Linux installations and use port forwarding to add features as experiments and/or final implementation.

    FYI: My ESXi4 is on a powerful quad core desktop. That was a $700 investment that has worked out to be a wonderful way to make my home office ‘green’, save money on power, provide a (thus far) very dependable solution for family computing needs, my endless experiments, and my personal world wide access solution. Over the years I’ve played with VMplayer, VMserver, and now am a believer in this ESXi. Nothing against the many other fine products and other vendors, just where I am at the moment….

  15. David:
    Why don’t you make a default ClearOS ESXi image for people to use?
    A small guide & lists of usernames & password into a txt and the vmdk-file is all that is needed.

    I can ofcourse host it here…

  16. yes, it’s a shame. but when you read the reasons, it’s a fairly complicated piece of code that turns things on their head. i do hope it’s revived as x64 isn’t going to play nicely with adito. but as you say, i will continue to use it. it has got me out of so many situations in the past and has never failed yet to get through a firewall on 443.

  17. Thanks for keeping this going!

    I just installed a new Adito setup on to my vmware esxi home server via turnkey core.

    The only gotcha with the numerous directions on the web was related to the Java steps due to Ubuntu moving the repository. Google got me past that and once again Adito is running at home.

    Please ClearOS, rescue this wonderful application. I use OpenVPN when I have Adito problems. However Adito is always the preferred solution.

    ClearOS (Clarkconnect’s future) can and should save this project!!

  18. I get this error in my adito.log:

    30-07-2010 09:24:47 [FeedManager] INFO Feed – Retrieving RSS feeds from http://download.localhost/feeds/.xml
    30-07-2010 09:24:49 [FeedManager] ERROR FeedManager – Failed to load feed.
    com.sun.syndication.io.ParsingFeedException: Invalid XML: Error on line 13: The reference to entity “ts” must end with the ‘;’ delim
    iter.
    at com.sun.syndication.io.WireFeedInput.build(WireFeedInput.java:174)
    at com.sun.syndication.io.SyndFeedInput.build(SyndFeedInput.java:122)
    at com.adito.rss.Feed.load(Feed.java:149)
    at com.adito.rss.FeedManager.retrieveFeeds(FeedManager.java:254)
    at com.adito.rss.FeedManager.run(FeedManager.java:161)
    at java.lang.Thread.run(Thread.java:636)
    Caused by: org.jdom.input.JDOMParseException: Error on line 13: The reference to entity “ts” must end with the ‘;’ delimiter.
    at org.jdom.input.SAXBuilder.build(SAXBuilder.java:468)
    at org.jdom.input.SAXBuilder.build(SAXBuilder.java:851)
    at com.sun.syndication.io.WireFeedInput.build(WireFeedInput.java:170)
    … 5 more
    Caused by: org.xml.sax.SAXParseException: The reference to entity “ts” must end with the ‘;’ delimiter.
    at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:198)
    at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:177)
    at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:391)
    at com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1390)
    at com.sun.org.apache.xerces.internal.impl.XMLScanner.scanAttributeValue(XMLScanner.java:844)
    at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanAttribute(XMLNSDocumentScannerImpl.java:436)
    at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:253)
    at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScan
    nerImpl.java:2723)
    at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:624)
    at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:116)
    at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:4
    86)
    at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:810)
    at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:740)
    at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:110)
    at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1208)
    at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:525)
    at org.jdom.input.SAXBuilder.build(SAXBuilder.java:453)

    Apparently, something with RSS is causing the adito service (running on ClearOS 5.2) to throw an exception. What is RSS doing here? I don’t see any way to configure this via the gui. I can restart the service and it runs fine for a while.

    BTW, Adito is great. I’ve suggested to the ClearOS group that they try to incorporate portal functionality. It’s too bad Adito isn’t still in development. It works very well. I’ll continue to use it anyway.

  19. I have had trouble when people try to access the site using Internet Explorer 8. Works fine with firefox. Any idea on how to fix it?

  20. Any update on how to get the agent to work with Windows 7 64 bit? The agent works fine for me using any 32 bit Windows OS. W764 still fails to launch the agent.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: