Endian OpenVPN and Network Manager on Linux

Versions 2.5, 3.0 & 5.0

Applies to Platform: Linux
Updated on: 29th of August 2013

This lesson guides you through setting up an OpenVPN roadwarrior client connection to your Endian UTM Appliance using the OpenVPN plugin for Network Manager on Linux.

OpenVPN Network Manager plugin 

OpenVPN is one of the open-source VPN solutions offered on the Endian UTM Appliances. Its main characteristics are security, scalability, support for many operating systems, speed, and easy integration with different authentication systems.

To connect Linux workstations to an OpenVPN server you need the Network Manager VPN plugin for OpenVPN, freely available in the repositories.

Software installation

If you already have the package installed, skip this step and go to "Connection configuration" below. Otherwise, follow these steps to install the Network Manager plugin from the CLI.

Run the install command as root:

root@linux:~# apt-get install network-manager-openvpn

on Ubuntu or Debian based distributions and

root@linux:~# yum install NetworkManager-openvpn

on Fedora or RedHat based distributions. These commands also resolve the necessary dependencies, so other packages may be installed along with the OpenVPN plugin.

Troubleshooting for Fedora 17 and/or SELinux users

Fedora 17 users, and in general anyone who uses the SELinux framework, should pay attention to the following point: OpenVPN may not be allowed to access the .pem files that are mandatory for the connection to an Endian UTM Appliance.

To work around this problem, grant OpenVPN access to the .pem files, which is a mandatory requirement for certificate-based OpenVPN connections. This can be achieved by issuing the following commands as root:

root@linux:~# grep openvpn /var/log/audit/audit.log | audit2allow -M mypol
root@linux:~# semodule -i mypol.pp
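
The grep above passes every audit line that mentions openvpn to audit2allow, not only the .pem denials. The script below is an added example (not part of the original Endian article) that summarises those denials so you can see what the module will permit; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list what `grep openvpn audit.log | audit2allow` would allow.
# Function names and the sample log lines are constructed for illustration.

# Four constructed audit.log lines: two .pem read denials for openvpn, one
# unrelated openvpn denial, and one sshd denial that the grep must skip.
sample_audit_lines() {
    cat <<'EOF'
type=AVC msg=audit(1377770000.101:501): avc:  denied  { read } for  pid=2345 comm="openvpn" name="ca.pem" dev="dm-1" ino=393224 scontext=system_u:system_r:openvpn_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1377770002.317:502): avc:  denied  { read } for  pid=2350 comm="openvpn" name="ca.pem" dev="dm-1" ino=393224 scontext=system_u:system_r:openvpn_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1377770005.640:503): avc:  denied  { write } for  pid=2350 comm="openvpn" name="resolv.conf" dev="dm-0" ino=131099 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:net_conf_t:s0 tclass=file
type=AVC msg=audit(1377770009.002:504): avc:  denied  { read } for  pid=990 comm="sshd" name="authorized_keys" dev="dm-1" ino=393300 scontext=system_u:system_r:sshd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
EOF
}

# Reads an audit log (file argument or stdin) and prints one line per distinct
# denial: COUNT VERDICT TCLASS {PERMISSIONS} NAME TARGET_CONTEXT
# VERDICT is PEM for a regular file ending in .pem, REVIEW for anything else.
summarize_openvpn_denials() {
    grep 'openvpn' "$@" | awk '
        /avc: +denied/ {
            perms = name = tctx = tclass = "?"
            # Permissions sit between the braces, e.g. { read open }
            if (match($0, /\{[^}]*\}/))
                perms = substr($0, RSTART + 2, RLENGTH - 4)
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^name=/)     { name = $i;   sub(/^name=/, "", name); gsub(/"/, "", name) }
                if ($i ~ /^tcontext=/) { tctx = $i;   sub(/^tcontext=/, "", tctx) }
                if ($i ~ /^tclass=/)   { tclass = $i; sub(/^tclass=/, "", tclass) }
            }
            verdict = (name ~ /\.pem$/ && tclass == "file") ? "PEM" : "REVIEW"
            count[verdict " " tclass " {" perms "} " name " " tctx]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k2,2 -k1,1nr
}

# Demo on the constructed sample; on a real host run instead:
#   summarize_openvpn_denials /var/log/audit/audit.log
sample_audit_lines | summarize_openvpn_denials
```

Lines marked REVIEW are denials the generated module would also permit. audit2allow -M mypol writes the same rules in readable form to mypol.te, which can be read before running semodule -i.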

Connection configuration 

Note

Depending on the version of network manager you have installed and on the desktop environment you use, the following screenshots and steps may slightly differ.

To configure a connection:
Go to the Network Manager icon in the tray and right-click on it. Next, go to VPN Connections > Configure VPN.

A window will appear allowing you to set up the connection by supplying all the necessary parameters. Click on OpenVPN.

Now, follow these steps in the VPN tab:

Click on Add > OpenVPN > Create.

  1. Write the OpenVPN server IP address.
  2. Fill in the Username and Password fields.
  3. Choose the CA certificate you received for this connection.

Click on Advanced. In the new window carry out the next two steps.

  1. Tick Use LZO data compression and, if the OpenVPN server is configured to use a TAP device, Use a TAP device (otherwise do not tick it, or specify TUN). Then click OK.
  2. Go to IPv4 > Routes and tick Use this connection only for resources on its network.

 

Now you have a fully working road-warrior connection to your Endian UTM Appliance. Enjoy!
