Setting VPN Client

Question

I need to access VPN from my Ubuntu 12.04.

I see that there is VPN connections > Configure VPN in network manager, but it asks for username and password.

All I have is some .crt, .csr, .key, .ovpn files, which are suited for some windows client.

I'm really newbie with VPN.

I also found this blog post. Is that a way to go?

what type of connection are you having? i mean, do you have Microsoft PPTP, Cisco, or OpenVPN? — ashutosh, May 10 '12 at 10:56
why not....science has gone this far then why is this not a big deal. I am pretty sure that you are kidding me if you yourself are not a software developer or you wrote whole IPV6 yourself. — ashutosh, May 10 '12 at 15:01
Yes, but what then VPN connections > Configure VPN in network manager stands for? I thought I can configure it with few mouse clicks. That is in Ubuntu spirit. — umpirsky, May 10 '12 at 22:08

score 14 · Accepted Answer · edited Jul 10 '12 at 17:58

This is the procedure I followed to get it working. There's a bug in network manager where it doesn't do ovpn import properly - since 2010 (!)

https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/606365

Until that's fixed, I found this site

http://howto.praqma.net/ubuntu/vpn/openvpn-access-server-client-on-ubuntu

PROCEDURE

Create a new folder in your home dir - I called mine vpn.config
Copy your downloaded client.ovpn file into the new folder

Open client.opvn in an editor

Open a new file
Cut the lines between <ca> tags in client.ovpn
Paste into new file, save this file as ca.crt
Remove both <ca> tags from client.ovpn

Open a new file
Cut the lines between <cert> tags in client.ovpn
Paste into new file, save this file as client.crt
Remove both <cert> tags from client.ovpn

Open a new file
Cut the lines between <key> tags in client.ovpn
Paste into new file, save this file as client.key
Remove both <key> tags from client.ovpn

Open a new file - this is the last one :-)
Cut the lines between <tls-auth> tags in client.ovpn
Paste into new file, save this file as ta.key
Remove both <tls-auth> tags from client.ovpn

And remove this line:
key-direction 1


Now position the cursor in client.ovpn, right above the line # -----BEGIN RSA SIGNATURE-----

Insert the following lines

ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1

Save and close all the files.

Goto Network Manager -> Edit Connections ->VPN
click Import, browse to the modified client.ovpn in the folder you recently created - and where your certificates are, and import that file
Enter vpn username and password if prompted
On the VPN page, select Advanced
On the General Tab, uncheck the first option, "Use custom gateway"

Save

Use...

Made a script to automate https://gist.github.com/ThomasG77/5c09eead1244f9d1d2bd7fa70b26fead Added the same link as a comment in original Launchpad issue e.g https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/606365/comments/113 — ThomasG77, Feb 04 '21 at 15:15

score 13 · Answer 2 · edited Feb 13 '14 at 20:37

13

Install network-manager-openvpn-gnome from Ubuntu Software Center (usually this is hidden from search results when searching for openvpn unless you click "Show XX technical items" at the bottom of the window).

Or can use terminal (Ctrl+Alt+T):

sudo aptitude install network-manager-openvpn-gnome

After this the option to connect to an openvpn VPN will appear under the

network manager -> vpn connections -> configure vpn

edited Feb 13 '14 at 20:37

BuZZ-dEE

14,223

answered May 16 '12 at 19:18

Simon B

1,258

3

Save all those files in the same folder, then when you open up the settings, there should be an "Import" option, which is where you would open the .ovpn file. Most, if not all settings should be set for you then, depending on how the .ovpn file was created. Unless you are comfortable at the command line, or have specific need to, it is much easier to use the Network Manager. NOTE I don't know if they changed this or not, but you used to have to log off/back in or reboot for your new VPN connection to show up after creating it. – reverendj1 May 16 '12 at 19:27
2

The only problem is that I have no internet connection when I activate VPN :) Any idea why this can happen? – umpirsky May 17 '12 at 07:35
4

@umpirsky according to this thread http://ubuntuforums.org/showthread.php?t=1337460; Select configure VPN from the menu > Select the VPN you are having trouble with > Click edit > Click the IPv4 tab > Click Routes > Check the box that says "Use this Connection only for resources on its network." – Paweł Prażak May 20 '12 at 18:30
On VPN tab, set all necessary files(certificates, key etc.) Then click on advanced button. Make sure that these features are matched with the ones on your .ovpn file(e.g. gateway port, tap or tun, tcp or udp etc.). After all these are done, you should be able to establish the vpn connection. – Shnkc Mar 10 '14 at 12:48

score 0 · Answer 3 · answered May 20 '12 at 19:07

Solutions to some problems you may have:

No connection/disconnecting WiFi

Select configure VPN from the menu.
Select the VPN you are having trouble with.
Click edit.
Click the IPv4 tab.
Click Routes
Check the box that says "Use this Connection only for resources on its network."

source

Cannot connect to hosts in VPN - Firewall configuration

In this file:

sudo gedit /etc/firestarter/user-pre

add those rules:

iptables -A INPUT -j ACCEPT -s xxx.xxx.xxx.xxx -p esp
iptables -A INPUT -j ACCEPT -s xxx.xxx.xxx.xxx -p udp -m multiport -sports isakmp,10000
iptables -A INPUT -j ACCEPT -i tun+
iptables -A OUTPUT -j ACCEPT -d xxx.xxx.xxx.xxx -p esp
iptables -A OUTPUT -j ACCEPT -d xxx.xxx.xxx.xxx -p udp -m multiport -dports isakmp,10000
iptables -A OUTPUT -j ACCEPT -o tun+

Replace xxx.xxx.xxx.xxx with IP address of your VPN Gateway.

source

Ah, yes, it works, thanks. I was trying to do that on my wired connection instead, read this post http://askubuntu.com/questions/10741/how-to-set-up-dual-wired-and-wireless-connections — umpirsky, May 21 '12 at 20:25

Setting VPN Client

3 Answers3