VPN systems like OpenVPN and PPTP VPN enable users to protect their personal information. That’s because they allow access to geo-restricted content only. And, of all the platforms that can be used to set up a VPN system, Linux is probably the best, particularly Ubuntu. This platform provides better package management. Nevertheless, nothing is 100% secure when it comes to security-focused systems. That’s why you need to know the best practices for setting up a VPN system on a Linux server.
Here are the steps to follow:
1. Install from repositories
Ubuntu has an OpenVPN package in the official repositories. Simply click on the package menu then navigate to the Software Manager.
You might be prompted to enter a root password or administrator password for the software manager to install your package. On opening the Software Manager window, type “OpenVPN” in the search box then hit Enter.
Double-click the OpenVPN package to open it, then click the “Install” button. After installation, the “Install” button changes to a “Remove” button.
2. Install Network Manager
This is an open source, distribution-agnostic framework. It runs well on different Linux distros and desktops, and it uses plug-ins to configure networks, including OpenVPN. Install Network Manager the same way you installed OpenVPN: simply double-click the package and select the “Install” button.
To ensure that Network Manager has picked up the plug-ins, use this command to restart it:
$ sudo restart network-manager
Alternatively, reboot the machine.
3. Configure VPN
Click on the Network Manager applet on the panel, then click on the “Network Connections” button.
A new window will open up. Click on the “Add” button to add a connection.
A pull-down list will appear when you click the “Add” button. Under VPN, there is the OpenVPN option. Select it and click the “Create” button. This will open up a window where you can choose a *.ovpn file. Whether this will work or not depends on how your provider's OpenVPN configuration file is set up.
However, if a VPN provider has provided OpenVPN configuration files in a TAR or ZIP file, download and open one of them. You will see something like this:
In this image, the first line contains the FQDN (Uk1.vpn.ac) for the VPN server, the protocol, and the port (1194). Fill in something memorable as the Connection Name. Use the VPN server or FQDN to fill in the Gateway.
For Authentication Type, you can select Password. In most cases, the username/password authentication method is used. This is seen in a config file as:
auth-user-pass
Some providers use a Certificate Authority (CA). This is embedded in the OpenVPN configuration file. Clicking the “CA Certificate” button brings up a file dialog that allows you to select a certificate file. Select the file with a *.crt, *.key, or *.pem extension.
Once you have done that, click on the “Advanced” button.
A common setting is “Use custom gateway port”. However, in the case illustrated above, the server uses the official 1194 OpenVPN port. That means there is no need to set up anything. But, a common option is “Use LZO data compression” while “Use a TCP connection” is a less common option. In the above case, the provider uses UDP port 1194. If the network is unreliable or firewalls are restrictive, you may use TCP. Nevertheless, the TCP meltdown effect makes it less efficient.
If you see "comp-lzo" in the .ovpn file, it means that your provider uses LZO compression with an adaptive default. Theoretically, the adaptive setting discovers whether compression helps or not and enables or disables it on the fly.
4. Security
Still in the advanced options, click on the “Security” tab.
If there are no default options set up by the provider, enter them here. In this case, the corresponding OpenVPN configuration file options are:
cipher AES-256-CBC
auth SHA1
The example further shows that the provider uses TLS authentication. So, click on the “TLS Authentication” button.
Here the config file line is:
tls-auth Wdc.key 1
That means Wdc.key is the key file name while the Key Direction is 1. Note that yours will differ unless the provider is the same. Click the “Key File” button then select a key file. Also, click on “Key Direction” to select the proper direction. Finalize the process by clicking OK then Save on the main configuration window.
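The mapping from .ovpn directives to the Network Manager fields described in steps 3 and 4, as an added example that is not part of the original post: a small Python parser run over a constructed sample file assembled from the directives quoted above. The keys "Cipher" and "HMAC digest" and the "[inline]" marker are names chosen for this example.

```python
import shlex

# Constructed sample built only from the directives quoted in the article.
SAMPLE_OVPN = """\
remote Uk1.vpn.ac 1194 udp
auth-user-pass
<ca>
(placeholder for the embedded CA certificate)
</ca>
comp-lzo
cipher AES-256-CBC
auth SHA1
tls-auth Wdc.key 1
"""

def parse_ovpn(text):
    """Return {directive: [args]}; an embedded <tag> block maps to ["[inline]"]."""
    opts, block = {}, None
    for line in map(str.strip, text.splitlines()):
        if block:  # inside embedded certificate/key material: skip to the end tag
            block = None if line == f"</{block}>" else block
        elif line.startswith("<") and line.endswith(">"):
            block = line[1:-1]
            opts[block] = ["[inline]"]
        elif line and line[0] not in "#;":  # ignore blank lines and comments
            name, *args = shlex.split(line, comments=True)
            opts.setdefault(name, args)  # keep the first occurrence
    return opts

def network_manager_fields(opts):  # map directives to the article's dialog fields
    remote = opts.get("remote", [])
    port = remote[1] if len(remote) > 1 else opts.get("port", ["1194"])[0]
    proto = remote[2] if len(remote) > 2 else opts.get("proto", ["udp"])[0]
    tls = opts.get("tls-auth", [])
    return {
        "Gateway": remote[0] if remote else None,
        "Authentication Type": "Password" if "auth-user-pass" in opts else None,
        "CA Certificate": opts.get("ca", [None])[0],
        "Use custom gateway port": None if port == "1194" else port,
        "Use a TCP connection": proto.lower().startswith("tcp"),
        "Use LZO data compression": opts.get("comp-lzo", ["no"]) != ["no"],
        "Cipher": opts.get("cipher", [None])[0],      # label assumed
        "HMAC digest": opts.get("auth", [None])[0],   # label assumed
        "Key File": tls[0] if tls else None,
        "Key Direction": tls[1] if len(tls) > 1 else None,
    }

if __name__ == "__main__":
    print(*network_manager_fields(parse_ovpn(SAMPLE_OVPN)).items(), sep="\n")
```

Running it prints one (field, value) pair per line. Where it reports LZO compression as enabled, note that current OpenVPN releases deprecate comp-lzo and advise against compression on the tunnel.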
5. Connect to VPN
Click on the Network Manager applet on the panel.
The configured VPN connections will show up. Click the connection that you want to use and, after the connection is established, a message similar to this will pop up:
The Network Manager applet will also show a lock.
And, that’s it! Your VPN system on Linux will be up and running.
Do you need help with such content writing? Then get in touch with Bishop Writers. Simply send us an email via bishopwriters@gmail.com or visit our site for more details.