skip to content
 

Linux/Unix - Configuration

We have not yet tested all distributions (nor do we intend to!), just the most commonly-used ones. 

Network Manager

Network manager is used by Ubuntu (and other linux distributions) to manage network connections. It provides a convenient and user-friendly method of configuring VPN connections. It's used by default by desktop environments like Gnome and KDE. (Different desktop environments have different interfaces, so the images below might not match your experience perfectly. The available options should be the same, though.) If you don't use Network Manager then have a look at our general Linux instructions instead of this page.

To configure the VPN using NetworkManager, right-click the icon in your notification area - usually the top-right corner of the screen, but not universally. You should see a menu similar to the one below:

(NB: If you're not sure you have the right icon, the 'About' item will tell you that this icon is for Network Manager. If you get something else, try again elsewhere.)

Click on the 'Edit connections...' menu item to open the Network Connections screen.

From the Network Connections screen click the 'Add' button. On some versions of Linux you may need to switch to a tab labelled 'VPN' first.

Add a new VPN

Look through the list of network types offered. You may have an option to import a saved VPN connection. If you do, pick that one and use the config file here as the configuration to import.

If you don't have an option to import a saved config you will have to set things up by hand.

The type of VPN used by the Department of Chemistry is OpenVPN, so you should select that option. If you don't get an option to select that, you should install the OpenVPN module for network manager (in Ubuntu/Debian, the package is called 'network-manager-openvpn'. On some machines you'll also need to install 'network-manager-openvpn-gnome'. Note: if you install either of those packages, you will have the option to select OpenVPN immediately but you will need to reboot before anything works. Save some bother and reboot immediately after installing.).

OpenVPN uses some files which need to be saved onto your machine. It's important that these files don't get deleted, so create a directory somewhere safe like your home directry. Put the following files in there:

Fill in the configuration for the VPN connection:

  • Gateway: openvpn2020.ch.cam.ac.uk:443
  • Type: Password with Certificates (TLS)
  • User name: Your CRSID (the first part of your @cam email address) followed by @ch.cam.ac.uk
  • Password: Your ChemNet token. Collect this from https://apps.ch.cam.ac.uk/ssms/collectchemnet
  • User Certificate: Select the file 'client1.crt' you downloaded earlier
  • CA Certificate: Select the file 'ca.crt' you downloaded earlier
  • Private Key: select the file 'client1.key' you downloaded earlier
  • Private Key Password: Leave this blank!

There are some more settings under 'Advanced' which should be changed:

On the 'General' Tab, set:

OpenVPN advanced config, described in the list below

  • Use custom gateway port: should be left blank
  • Use custom renegotiation interval: should be checked and set to zero
  • Use LZO data compression: should be left blank
  • Use a TCP connection: should be left blank
  • Set virtual device type: select 'TUN' and set the name to 'tun'
  • All other options should be left blank

Now go to the Security tab and set the cipher setting to AES-256-CBC

The TLS Authentication and Proxy tabs don't need to have any changes.

Click 'Apply'

Now you should be able to start the VPN by going to the Network Connections menu and selecting it from the available VPNs.

Did it work?

Click on this link to find out.

Troubleshooting

There is troubleshooting information at https://www.ch.cam.ac.uk/computing/openvpn-troubleshooting

Can't find what you're looking for?

Then you might find our A-Z site index useful. Or, you can search the site using the box at the top of the page, or by clicking here.