I recently decided to upgrade my IPCop box and in the process switch my home/office VPN from IPSec to OpenVPN.
First we install Zerina’s OpenVPN addon on IPCop. Basically, copy the zip to the IPCop box, unzip it and run the install file. Actually, follow this guy’s great tutorial up to step 7. He’s got it all covered.
Now that you have the OpenVPN server all set up and the OpenVPN client package (zip), what’s next? In order for this to work with Feisty’s network-manager-openvpn package, you first have to follow this guy’s great blog post about splitting the .p12 file up. (The .p12 file is found inside the client package zip file.)
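The .p12 split mentioned above, together with two checks worth running before the files go into Network Manager, as an added example (not taken from this post or the linked blog post). The function name split_p12, the P12_PASS variable and the output names ca.pem, client.crt and client.key are assumptions.

```sh
#!/bin/sh
# Split an OpenVPN client PKCS#12 bundle into CA file, certificate and key.
# Usage (names are assumptions): split_p12 client.p12 ./vpn-files
# The body runs in a subshell "( ... )" so the umask change stays local.
split_p12() (
    p12=$1
    out=${2:-.}
    [ -r "$p12" ] || { echo "cannot read $p12" >&2; exit 1; }

    # Everything written below is private to the current user.
    umask 077
    mkdir -p "$out" || exit 1

    # Take the export password from $P12_PASS if it is set, so it never
    # appears on a command line; if unset, openssl prompts for it.
    pw=${P12_PASS+-passin env:P12_PASS}

    # CA certificate(s) only -> "CA File" in the Required tab
    openssl pkcs12 -in "$p12" $pw -cacerts -nokeys -out "$out/ca.pem" || exit 1
    # Client certificate only -> "Certificate"
    openssl pkcs12 -in "$p12" $pw -clcerts -nokeys -out "$out/client.crt" || exit 1
    # Private key -> "Key". -nodes writes it UNENCRYPTED, hence the
    # restrictive umask above and the explicit chmod here.
    openssl pkcs12 -in "$p12" $pw -nocerts -nodes -out "$out/client.key" || exit 1
    chmod 600 "$out/client.key"

    # Check 1: the certificate and the key belong together
    # (both must yield the same public key).
    cert_pub=$(openssl x509 -in "$out/client.crt" -noout -pubkey) || exit 1
    key_pub=$(openssl pkey -in "$out/client.key" -pubout) || exit 1
    [ "$cert_pub" = "$key_pub" ] || {
        echo "client.crt and client.key do not match" >&2; exit 1; }

    # Check 2: the client certificate chains to the extracted CA
    # (this also fails if the certificate has expired).
    openssl verify -CAfile "$out/ca.pem" "$out/client.crt" >/dev/null || {
        echo "client.crt does not verify against ca.pem" >&2; exit 1; }

    echo "wrote ca.pem, client.crt and client.key to $out"
)
```

Because client.key is stored without a passphrase, keep it in a directory only your user can read and delete the copy once the VPN is no longer needed.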
OK, now you have a pem, crt and key file… let’s get it working with the VPN section of Network Manager. Ensure you have the network-manager-openvpn plugin installed: sudo apt-get install network-manager-openvpn. Now click on the NM applet -> VPN Connections -> Configure VPN. Create a new OpenVPN connection.
Under the Required tab:
Gateway address: (your gw address)
Leave port as is
Connection Type: X.509 Certificate
CA File: (your pem file)
Certificate: (your crt file)
Key: (your key file)
Under the Optional tab:
I prefer to have “Only use VPN connection for these addresses”, but it’s up to you.
Ensure “use LZO compression” is checked
Use Cipher: BF-CBC
And you’re done!
Now when you want to connect to your VPN you can just click on the NM applet -> VPN Connections -> (Your VPN name) and it’ll start right up.
There is one annoying bug that I hope will be fixed soon: when you start your VPN, it clears your /etc/resolv.conf file. I just have to manually fix it each time. See the Launchpad bug here.
3 Responses for "IPCOP with OpenVPN and Feisty’s Network Manager"
Thank you for your tutorial. I finally got it to work (playing around with it for a while).
One thing about the resolv.conf bug:
When you click on “Advanced Server Options” in the Zerina settings, you can enter a dns-server address which will be pushed to the clients. Ubuntu takes this address and writes it into /etc/resolv.conf. So you don’t have to do this manually.
When your pushed dns differs from your local one (as in my case), you’ve got to deal with this bug:
https://bugs.launchpad.net/ubuntu/+source/dhcp3/+bug/90681
since the dhcp-client overwrites resolv.conf regularly with the local dns servers.
Funny, isn’t it?
Nicely done HowTo. It worked for me the first time through, and I did not have the LaunchPad bug problem. Thanks again for a well done HowTo.
- Raque
Nicely done, I’ve set this up multiple times on a Windows box, but finally wanted it running on my Ubuntu install. Thanks for making things easy!
Cliff