TODO: project links
Connect to an existing OpenVPN network
- Certificates/key files from sysadmin
- 1 x user certificate, usually named something like <USER>.vpn.<DOMAIN>.crt
- 1 x CA certificate, usually named ca.crt
- 1 x private user key, usually named something like <USER>.vpn.<DOMAIN>.key
- Store these in a secure (encrypted) location on your harddrive (for example, see :gencfsm)
- Install OpenVPN packages in Ubuntu
sudo apt install openvpn openvpn-blacklist network-manager-openvpn
- Add a VPN Network Connection of the "OpenVPN" type
- Under "VPN" tab:
- Set the gateway to the value provided by your sysadmin
- Select "Certificates" as the authentiction type. Add certificates and key files to respective fields.
- Under the "VPN" tab, click "Advanced..."
- Tick any options provided by your sysadmin (for example, LZO, TCP and TAP)
- Under "IPv4 Settings" tab:
- For Method select "Automatic (VPN) addresses only" (not "Automatic (VPN)")
- Click "Routes" button, tick "Use this connection only for resources on its network"
- You may have to do something similar for IPv6
- Select the VPN from the Network Manager | VPN menu.
Debug a connection stored with Network Manager
If you have followed the procedure above and the VPN connection is failing, you will have to attempt the connection from the command line to see what the error message is:
- First identify the file containing the VPN connection.
ls /etc/NetworkManager/system-connections # file is usually named <CONNECTION-NAME>-<UUID>
- Confirm the file is the correct one
sudo cat /etc/NetworkManager/system-connections/<FILENAME> # should contain the settings from instructions above
- Attempt the VPN connection from the command line:
sudo openvpn --config /etc/NetworkManager/system-connections/<FILENAME>
- Report the error to your sysadmin.