Wednesday, December 30, 2009

OpenVPN client on Ubuntu 9.04 Jaunty

A few notes on setting up the openvpn client on Ubuntu, after my move from Windows. Configuration through the Network Manager VPN tab didn't work for me. As far as I could see, there was no way to directly import or copy my existing .ovpn files from Windows because NM doesn't use them. Instead, it uses it's own config files, which do not provide all the options of the standard openvpn client. The solution was to
  • install openvpn and resolvconf so that the name servers can be updated: sudo apt-get install openvpn resolvocnf
  • copy my .ovpn and key files to /etc/openvpn,
  • install gopenvpn to have a handy GUI launcher in the Gnome Panel. (the .deb package needs to be downloaded from the site)
  • Edit my .ovpn files to add up /etc/openvpn/update-resolv-conf and down /etc/openvpn/update-resolv-conf
It seems to work fine now. One example client .ovpn file looks like this:
client
dev tun
proto udp

remote hostname.example.com 1194

resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings

ca example-cacert.pem
cert clientname.example.lan.pem
key clientname.example.lan.key

comp-lzo
verb 3

up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
2 little things are annoying: I need to enter my password, because changing the network requires root privileges. I'm sure there must be a solution, but the annoyance is probably not worth the time needed to find and apply it. And the other glitch is that window asking for my key's password sometimes opens behind the others.

Labels: , , , ,