Connect to RPi VPN with OVPN file

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
Post Reply
Stroopwafelandcoffee
Level 1
Level 1
Posts: 2
Joined: Tue Aug 21, 2018 10:47 am

Connect to RPi VPN with OVPN file

Post by Stroopwafelandcoffee » Tue Aug 21, 2018 11:12 am

Hello everyone,
I'm trying to switch to Linux Mint, the only thing I still need to get working is the VPN connection back to my home network. I have a raspberry pi 3 running there with raspbian Jessie installed. I used the piVPN setup on there to create an OVPN file. When I used this OVPN file on Windows it connected no problem. But on Mint I'm having issues actually connecting. What I do:

I go to Network Settings and from there I add a network from file and select the OVPN file. It seems to read in all the information just fine:

https://imgur.com/a/GnGVjSg

However, when I try to connect it times out. I do have a custom port, but selecting "custom port" doesn't change anything. Is anyone able to help me out here?

QUICK EDIT: I also tried splitting the OVPN file using the Python extract script, which resulted in the following setup:

https://i.imgur.com/FbdLA6c.png

But still no success.

User avatar
phd21
Level 16
Level 16
Posts: 6984
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Connect to RPi VPN with OVPN file

Post by phd21 » Tue Aug 21, 2018 1:18 pm

HI Stroopwafelandcoffee,

It would help to know more about your system setup. If you run "inxi -Fxzd" from the console terminal prompt, highlight the results, copy and paste them back here, that should provide enough information.

From your screenshots, I do not see how any system could connect to your openvpn network server remotely because you do not have an actual correct public wan "ip address" or "URL Web Address" correctly formatted in the openVPN file or in the new "openVPN" connection's "Gateway" field in your Network Manager (NM). You can try entering in the correct IP Address or URL web address for your openVPN server into the new openvpn client's connection's "Gateway" field, save it, apply/ok, and retry connecting.

Depending upon your openvpn setup, you may also need to create a firewall rule to allow incoming for the IP address or URL and its "port". You can test if the Linux software firewall is a problem by temporarily disabling (turning off) the Firewall. FYI: I have not had to create firewall rules in Linux Mint to access various openvpn provider's servers for them to work.

FYI: When posting remote images, you can have the image(s) appear in the forum copying the "direct link" URL to the image from your image hosting website and then clicking "rimg" button in the forum toolbar before pasting the remote image URL, or highlight the URL link, then click the "rimg" button, then when you click submit, they should appear.

would look something like that below before clicking submit in a post or reply.

Code: Select all

[rimg]https://i.imgur.com/FbdLA6c.png[/rimg]
Image

Hope this helps ...
.
openVPN_ex1.jpg
openVPN example 1 - IP Address
.
openVPN_ex2.jpg
openVPN example 2 - URL web address
Phd21: Mint KDE 17.3 & 18.3, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

Stroopwafelandcoffee
Level 1
Level 1
Posts: 2
Joined: Tue Aug 21, 2018 10:47 am

Re: Connect to RPi VPN with OVPN file

Post by Stroopwafelandcoffee » Tue Aug 21, 2018 2:00 pm

Thank you for the excellent response! I found the culprit though. My RPi VPN service silently turned off just as I made the switch today haha.
Worked flawlessly for months and on the exact day I switched to mint it stops working. Found out by trying on my Windows PC back home. Wrote a new OVPN file and it all worked. Also works on Mint now. So at least we can use this as a reference for others:

Make sure you install both openvpn and openvpn-gnome:

Code: Select all

sudo apt-get install network-manager-openvpn
sudo apt-get install network-manager-openvpn-gnome
sudo restart network-manager
Then you download the OVPN file to your PC and you run them through the following script:

Link to github script

This will create a "_nocert" variant of your ovpn file, you'll need it later.

Then you go to the bottom right and click on the network icon, go to network settings.
On the bottom left click on the "+"
Choose the "from file" option
Select the "_nocert" ovpn file variant. The rest should be filled in automatically.
Fill in the password yourself, it is not stored in the ovpn file.
Enjoy!

User avatar
phd21
Level 16
Level 16
Posts: 6984
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Connect to RPi VPN with OVPN file

Post by phd21 » Tue Aug 21, 2018 2:26 pm

HI Stroopwafelandcoffeem,

You are welcome...

The "RPi VPN service silently turned off" would certainly be a problem.

Linux Mint 18.x or newer (19.x) Network Manager when "importing a VPN" would automatically extract (create) the certificate and key files and any "tls" information from an openVPN configuration file (somewhere.ovpn) without running any 3rd party scripts or programs, or having to manually create them. Linux Mint usually has the openVPN packages already installed, but it cannot hurt to make sure.

It would not be a good idea to include a VPN password in your openvpn client file(s) as that would be a huge security risk.

Years ago I found a "script" method to easily extract (create) certificate and key files from an "openvpn" configuration file which worked well for Linux Mint 17.x and not needed for newer versions. You can use any text editor to create the script file and copy the contents below into it, save it, give yourself permission to run it, then run the script in a folder with just the one openvpn configuration file to easily extract the certificate and key files.

example of a bash script file name:
openvpn-extract.sh

Code: Select all

#!/bin/bash
cp *.ovpn vpnserver.ovpn
sed '1,/<ca>/d;/<\/ca>/,$d' vpnserver.ovpn > vpnserver-ca.crt
sed '1,/<tls-auth>/d;/<\/tls-auth>/,$d' client.ovpn > vpnserver-tls.key
sed '1,/<cert>/d;/<\/cert>/,$d' vpnserver.ovpn > vpnserver-crt.crt
sed '1,/<key>/d;/<\/key>/,$d' vpnserver.ovpn > vpnserver-key.key
Phd21: Mint KDE 17.3 & 18.3, 64-bit Awesome OS, Ancient Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram,256gb SDD, Video: Intel 4 Graphics, DVD Lightscribe. Why I use KDE?:https://opensource.com/life/15/4/9-reasons-to-use-kde

Post Reply

Return to “Other networking topics”