Linux/Unix - Configuration
We have not yet tested all distributions (nor do we intend to!), just the most commonly-used ones.
Network manager is used by Ubuntu (and other linux distributions) to manage network connections. It provides a convenient and user-friendly method of configuring VPN connections. It's used by default by desktop environments like Gnome and KDE. (Different desktop environments have different interfaces, so the images below might not match your experience perfectly. The available options should be the same, though.) If you don't use Network Manager then have a look at our general Linux instructions instead of this page.
To configure the VPN using NetworkManager, right-click the icon in your notification area - usually the top-right corner of the screen, but not universally. You should see the menu below:
(NB: If you're not sure you have the right icon, the 'About' item will tell you that this icon is for Network Manager. If you get something else, try again elsewhere.)
From the Network Connections list, change to the 'VPN' tab and click the 'Add' button.
The type of VPN used by the Department of Chemistry is OpenVPN, so you should select that option. If you don't get an option to select that, you should install the OpenVPN module for network manager (in Ubuntu/Debian, the package is called 'network-manager-openvpn' Note: if you install that package, you will have the option to select OpenVPN immediately but you will need to reboot before anything works. Save some bother and reboot immediately after installing it.).
OpenVPN uses some files which need to be saved onto your machine. It's important that these files don't get deleted, so create a directory somewhere safe like your home directry. Put the following files in there:
Fill in the configuration for the VPN connection:
- Gateway: openvpn2017.ch.cam.ac.uk
- Type: Password with Certificates (TLS)
- User name: Your CRSID (the first part of your @cam email address) followed by @ch.cam.ac.uk
- Password: Your ChemNet token. Collect this from https://apps.ch.cam.ac.uk/ssms/collectchemnet
- User Certificate: Select the file 'client1.crt' you downloaded earlier
- CA Certificate: Select the file 'ca.crt' you downloaded earlier
- Private Key: select the file 'client1.key' you downloaded earlier
- Private Key Password: Leave this blank!
There are some more settings under 'Advanced' which should be changed:
On the 'General' Tab, set:
- Use custom gateway port: should be checked with a value '443'
- Use custom renegotiation interval: should be left blank
- Use LZO data compression: should be checked
- Use a TCP connection: should be left blank
- Use a TAP device: should be left blank
The Security and TLS Authentication tabs don't need to have any changes.
Did it work?