Just wanted to say thanks for this guide... Not doing anything complicated, just connecting to a public VPN server but your PDF was helpful....
Steps (in case anyone else looking)
a. Install openvpn, bridge-utils (probably not required) and network-manager-openvpn-gnome in admin
b. In ordinary user mode, register for VPN service and download .ovpn file, save securely. At this point you could use the 'Import' feature in the VPN connections tab but that doesn't work in 10.04 (at least with the file I had)
c. Open the file (say client.ovpn) and extract the following sections and save as separate files:
File 1: ca.cert: All the text between the <ca> </ca> tags i.e. somthing like this
Code:
-----BEGIN CERTIFICATE-----
MIIBszCCARygAwIBAgIETYOipDANBgkqhkiG9w0BAQUFADAVMRMwEQYDVQQDEwpP
...
rxjDjIJbAQ==
-----END CERTIFICATE-----
File 2: user.crt: All the test between the <cert> </cert> tags i.e.
Code:
-----BEGIN CERTIFICATE-----
MIIB1TCCAT6gAwIBAgIDBS88MA0GCSqGSIb3DQEBBQUAMBUxEzARBgNVBAMTCk9w
...
bsjnopP4G0idNeJ5TY60gK9FqCkcUY7Qd6ggLvLXh/KvtExRCfhAO5w=
-----END CERTIFICATE-----
File 3: private.key: All the text between the <key> </key> tags i.e.
Code:
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDHxMtnxqpJsy/eLWud03uk6V+Ot73YzOTmR/mUpq1TmdQrAHgn
...
bW5+zawHMOoH0BMzLy9TlP/bIAarrynqRcffc+k8Rzcl
-----END RSA PRIVATE KEY-----
File 4: tlsauth.key: All the text between the <tls-auth> </tls-auth> tags i.e.
Code:
-----BEGIN OpenVPN Static key V1-----
4f65292e639c83574026ab790f67257b
...
521021b9e6d45cdee7bfd22fce270a49
-----END OpenVPN Static key V1-----
d. Use these files while setting up the VPN connection in Network Manager as described in pgs 8, 9, 10 of the guide.
e. Look for the following bits in the .ovpn file (or may be given in documentation from the VPN provider) and setup accordingly
Code:
remote us.shieldexchange.com 1194 udp # Map to Gateway, Port & 'Use a TCP Connection' field (Advanced... in this case, no)
dev tun
dev-type tun # Map to 'Use a TAP device' field in Advanced... (in this case, no)
key-direction 1 # Map to Key Direction in Advanced -> TLS Authentication along with the tlsauth.key
e. In addition to the above fields make sure you use the Cipher and Hash function (under Advanced -> Security) prescribed by the VPN provider. In my case it's BF-CBC (Blowfish-CBC) and SHA1.
Bookmarks