Difference between revisions of "Astrill Setup Manual:How to configure OpenVPN with Network Manager on Linux"

From Astrill Wiki
Jump to navigation Jump to search
Line 59: Line 59:
 
5. On '''VPN''' tab, you need to set the following:
 
5. On '''VPN''' tab, you need to set the following:
  
1. '''Connection name:''' ''Astrill VPN''
+
'''Connection name:''' ''Astrill VPN''
  
2. '''Gateway:''' ''<VPN Server IP address>''
+
'''Gateway:''' ''<VPN Server IP address>''
  
3. '''Authentication Type:''' ''Certificates (TLS)''
+
'''Authentication Type:''' ''Certificates (TLS)''
  
4. '''User Certificate:''' ''user.crt''
+
'''User Certificate:''' ''user.crt''
  
5. '''CA Certificate:''' ''ca.crt''
+
'''CA Certificate:''' ''ca.crt''
 +
 
 +
'''Private Key:''' ''private.key''
  
6. '''Private Key:''' ''private.key''
 
  
 
Then click on '''Advanced...''' button for more configuration options.
 
Then click on '''Advanced...''' button for more configuration options.
Line 76: Line 77:
  
 
[[File:Openvpn-linux-network-manager-005.jpg]]
 
[[File:Openvpn-linux-network-manager-005.jpg]]
 +
 +
 +
 +
On '''General''' tab, you need to set the following:
 +
 +
'''Use custom gateway port:''' ''tick and set 8292''
 +
 +
'''Use LZO data compression:''' ''tick''
  
  
 
[[File:Openvpn-linux-network-manager-005b.jpg]]
 
[[File:Openvpn-linux-network-manager-005b.jpg]]
 +
 +
 +
 +
On '''Security''' tab, you need to set the following:
 +
 +
'''Cipher:''' ''BF-CBC''
 +
 +
'''HMAC Authentication:''' ''SHA-1''
  
  
 
[[File:Openvpn-linux-network-manager-005c.jpg]]
 
[[File:Openvpn-linux-network-manager-005c.jpg]]
 +
 +
 +
 +
On '''TLS Authentication''' tab, you need to set the following:
 +
 +
'''Use additional TSL authentication:''' ''ticked''
 +
 +
'''Key File:''' ''tls.key''
 +
 +
'''Key Direction:''' ''1''
  
  

Revision as of 23:49, 25 January 2014

1. First open terminal, and use this command to install the OpenVPN Network Manager plugin:

sudo apt-get install network-manager-openvpn openvpn


Openvpn-linux-network-manager-001.jpg




2. Login to Members area, and create and download a certificate for OpenVPN with configuration files. Click on Members, login to your account, then click VPN Services, and then click on OpenVPN certificates generation.

https://members.astrill.com/openvpn-certificates.php


Openvpn-linux-network-manager-002.jpg




3. Open Astrill-ubuntu.zip file you just downloaded, and pick a server and extract the OVPN file (in this example 27-USA-Seattle-1.ovpn).


Openvpn-linux-network-manager-003.jpg


Then make 4 copies of 27-USA-Seattle-1.ovpn file, and rename them and edit them accordingly:

Text between <ca></ca> tags goes into ca.crt file

Text between <cert></cert> tags goes into user.crt file

Text between <key></key> tags goes into private.key file

Text between <tls-auth></tls-auth> tags goes into tls.key file


Openvpn-linux-network-manager-003b.jpg




4. Open Network Manager, and then click on Add button to create new connection.

Openvpn-linux-network-manager-004.jpg


Select OpenVPN for connection type, and then click on Create... button to create new OpenVPN connection.

Openvpn-linux-network-manager-004b.jpg




5. On VPN tab, you need to set the following:

Connection name: Astrill VPN

Gateway: <VPN Server IP address>

Authentication Type: Certificates (TLS)

User Certificate: user.crt

CA Certificate: ca.crt

Private Key: private.key


Then click on Advanced... button for more configuration options.


Openvpn-linux-network-manager-005.jpg


On General tab, you need to set the following:

Use custom gateway port: tick and set 8292

Use LZO data compression: tick


Openvpn-linux-network-manager-005b.jpg


On Security tab, you need to set the following:

Cipher: BF-CBC

HMAC Authentication: SHA-1


Openvpn-linux-network-manager-005c.jpg


On TLS Authentication tab, you need to set the following:

Use additional TSL authentication: ticked

Key File: tls.key

Key Direction: 1


Openvpn-linux-network-manager-005d.jpg