While on a recent trip I decided that should finally setup the VPN on my Endian Community Firewall. Using a forum article from endian firewall unofficial support forum I was able to get a VPN connection up and running fairly easy.
However, I started thinking about how to distribute the OpenVPN client software with the necessary .OPVN configuration file and the Certificate from the firewall. While I found a large number of articles, most required the administrator to compile the OpenVPN client from source or involved a two different binary installations (one for the client and one for the config/certificate files). I stumbled across an article that creates a OpenVPN installer wrapper which will let you download the OpenVPN installation files on-the-fly, validate them by a simple MD5 and install a pre-configured configuration ZIP file in the proper place automatically. I was able to create the wrapper as explained in the article, but it was limited to a single client type (32-bit or 64-bit). I was able to tweak the provided NSI file to properly work with the 64-bit clients by updating the $PROGRAMFILES variable to $PROGRAMFILES64. However, I wanted to create a single wrapper that would based on architecture (removing the human element to decide if the platform was 32-bit or 64-bit) choose the correct client to install.
After a couple of hours of tinkering and reading through the NSIS documentation, I have been able to create a single wrapper that will detect the architecture of the system that the client is being installed on and correctly download and install the proper prebuilt client. Using the same instructions from the Secure Computing Networks article and using this OpenVPN-InstCfgWiz.nsi file it is possible to create a single OpenVPN-InstCfgWiz.exe file that is both 32-bit and 64-bit compatible using the prebuilt OpenVPN Client binaries.
I do recommend that the website that the wrapper and client files are uploaded to be SSL capable this will allow for future enhancements to the script to allow the ZIP files to be published and downloaded from the same site.