{"id":5465,"date":"2020-04-16T23:10:21","date_gmt":"2020-04-16T20:10:21","guid":{"rendered":"https:\/\/kifarunix.com\/?p=5465"},"modified":"2020-04-18T13:01:04","modified_gmt":"2020-04-18T10:01:04","slug":"connect-to-openvpn-using-network-manager-on-centos-8-ubuntu-18-04","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/connect-to-openvpn-using-network-manager-on-centos-8-ubuntu-18-04\/","title":{"rendered":"Connect to OpenVPN using Network Manager on CentOS 8\/Ubuntu 18.04"},"content":{"rendered":"\n

Sometimes it is easier to connect to an OpenVPN<\/a> server from the graphical user interface using the Network Manager. In this guide, we are going to show you how you can so easily connect to OpenVPN using Network Manager on CentOS 8\/Ubuntu 18.04.<\/p>\n\n\n\n

Connect to OpenVPN using Network Manager on CentOS 8\/Ubuntu 18.04<\/h2>\n\n\n\n

Install NetworkManager VPN Plugin for OpenVPN<\/h3>\n\n\n\n

In order to be able to connect to create OpenVPN network profile and connect to an OpenVPN server via gui, you need to install NetworkManager vpn plugin for OpenVPN which provides the necessary software for integrating VPN capabilities with the OpenVPN server with NetworkManager.<\/p>\n\n\n\n

On Ubuntu 18.04, the NetworkManager VPN plugin is available on the default repos and can be installed by running the command;<\/p>\n\n\n\n

apt install network-manager-openvpn<\/code><\/pre>\n\n\n\n
On CentOS 8, you need to install EPEL repos to enable you install the NetworkManager VPN plugins;<\/p>\n\n\n\n
dnf install epel-release<\/code><\/pre>\n\n\n\n
Then install install the plugins;<\/p>\n\n\n\n
dnf install NetworkManager-openvpn<\/code><\/pre>\n\n\n\n
Install NetworkManager VPN Plugin for GNOME<\/h3>\n\n\n\n
Apart from the OpenVPN NetworkManager plugin installed above, you as well need the plugin which provides GNOME bits of NetworkManager’s OpenVPN plugin otherwise you may get an error, Unable to load VPN connection editor<\/code><\/strong>, while adding OpenVPN connection profile.<\/p>\n\n\n\n
On Ubuntu 18.04, you can install GNOME OpenVPN Network Manager plugin by running the command;<\/p>\n\n\n\n
apt install network-manager-openvpn-gnome<\/code><\/pre>\n\n\n\n
On CentOS 8, you as well need EPEL repos to install GNOME network manager openvpn plugin. Since we already installed them, you can simply execute the command below;<\/p>\n\n\n\n
dnf install NetworkManager-openvpn-gnome<\/code><\/pre>\n\n\n\n
Obtain OpenVPN Configuration File<\/h3>\n\n\n\n
In most cases, you would usually receive the CA certificate<\/strong>, the respective client certificate and key<\/strong>, the HMAC authentication key<\/strong>, below are examples of these files in the respective order for user koromicha that were generated on an OpenVPN server.<\/p>\n\n\n\n
ca.crt\nkoromicha.crt\nkoromicha.key\nta.key<\/code><\/pre>\n\n\n\n
It is also possible to receive an OpenVPN configuration file (.ovpn) with all the above file contents put in-line.<\/p>\n\n\n\n
koromicha.ovpn<\/code><\/pre>\n\n\n\n
Connect to OpenVPN using Network Manager on CentOS 8\/Ubuntu 18.04<\/h3>\n\n\n\n
Both CentOS 8 and Ubuntu 18.04 uses Gnome display environment by default and thus, how you connect to OpenVPN using NetworkManager is similar.<\/p>\n\n\n\n
Launch the Network Settings and click the plus sign (+) on VPN section to add the VPN connection. You should see such a screen.<\/p>\n\n\n\n
\"Connect<\/figure>\n\n\n\n
Two things here: if you have, the CA cert, the client cert and the client key in separate files, click OpenVPN<\/code><\/strong> otherwise click Import from file...<\/code><\/strong> as commented in the screenshot above.<\/p>\n\n\n\n
When you click OpenVPN, such a screen as in below screenshot opens up. Set the name of the VPN connection, enter the VPN server IP and port on the Gateway bar, choose TLS Certificates for authentication type, import the CA cert, the client cert and the client key.<\/p>\n\n\n\n
\"Connect<\/figure>\n\n\n\n
Pay attention to HMAC authentication<\/strong> (the use of ta.key<\/strong>). If your OpenVPN Server HMAC authentication enabled, click Advanced<\/strong> settings.<\/p>\n\n\n\n
Click Security tab<\/strong> and set the HMAC algorithm to the value defined on the OpenVPN server.<\/p>\n\n\n\n
\"Connect<\/figure>\n\n\n\n
Click on TLS Authentication<\/strong> tab and under additional TLS authentication or encryption, choose TLS Auth<\/strong>, select the ta.key<\/strong> file and set Key direction to 1<\/strong>.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
Click Ok when finished.<\/p>\n\n\n\n
Ensure that the configurations sync with what is defined on the OpenVPN server configuration. Otherwise, connection will fail.<\/p>\n\n\n\n
Once done, click Add<\/strong> to create VPN connection when done setting up the options.<\/p>\n\n\n\n
Connect to VPN by toggling the ON\/OFF switch button or from network connection icon.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
On CentOS 8, if SELinux is enforcing, the VPN interface may fail to turn on. Be sure to check the logs<\/strong>.<\/p>\n\n\n\n
You can check assigned IP address;<\/p>\n\n\n\n
[koromicha@centos8 ~]$ ip add show tun0\n5: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 100\n    link\/none \n    inet 10.8.0.3\/24 brd 10.8.0.255 scope global noprefixroute tun0\n       valid_lft forever preferred_lft forever\n    inet6 fe80::d4c6:3ff0:e4e6:ee04\/64 scope link stable-privacy \n       valid_lft forever preferred_lft forever<\/code><\/pre>\n\n\n\n
If you have a .ovpn<\/strong><\/code> config file, you can simly click Import from file<\/strong>. All other settings will be populates automatically.<\/p>\n\n\n\n
You can as well use the openvpn<\/strong><\/code> or nmcli<\/strong><\/code> command to connect to VPN.<\/p>\n\n\n\n
sudo openvpn --config koromicha.ovpn<\/code><\/pre>\n\n\n\n
To use NMCLI command;<\/p>\n\n\n\n
nmcli connection import type openvpn file koromicha.ovpn<\/code><\/pre>\n\n\n\n
Check the connection;<\/p>\n\n\n\n
nmcli con s<\/code><\/pre>\n\n\n\n
NAME                UUID                                  TYPE      DEVICE \nWired connection 1  ae6debaf-8fdd-34b5-8b6c-52e04b7b9e0e  ethernet  enp0s3 \nkoromicha           474ef516-f077-4570-b87e-17342551400d  vpn       --  <\/strong>  <\/code><\/pre>\n\n\n\n
Bring up the VPN connection;<\/p>\n\n\n\n
sudo nmcli con up koromicha<\/code><\/pre>\n\n\n\n
When you bring it up, it creates a tun Interface with VPN IP;<\/p>\n\n\n\n
nmcli con s<\/code><\/pre>\n\n\n\n
NAME                UUID                                  TYPE      DEVICE \nWired connection 1  ae6debaf-8fdd-34b5-8b6c-52e04b7b9e0e  ethernet  enp0s3 \nkoromicha           474ef516-f077-4570-b87e-17342551400d  vpn       enp0s3 \ntun0                bb8044ed-90f3-4dd6-9ff0-86180edba4c6  tun       tun0<\/strong><\/code><\/pre>\n\n\n\n
Great, That is all on how to connect to OpenVPN using Network Manager on CentOS 8\/Ubuntu 18.04. Enjoy.<\/p>\n\n\n\n
Related Tutorials<\/h3>\n\n\n\n
Assign Static IP Addresses for OpenVPN Clients<\/a><\/p>\n\n\n\n
Install and Configure OpenVPN Client on CentOS 8\/Ubuntu 18.04<\/a><\/p>\n\n\n\n
Setup OpenVPN Server on CentOS 8<\/a><\/p>\n\n\n\n
Connect to Cisco VPN Using PCF file on Ubuntu<\/a><\/p>\n\n\n\n
Install and Setup OpenVPN Server on Fedora 29\/CentOS 7<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Sometimes it is easier to connect to an OpenVPN server from the graphical user interface using the Network Manager. In this guide, we are going<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[121,282,34,321],"tags":[1142,1437,1438,1435,1439,67],"class_list":["post-5465","post","type-post","status-publish","format-standard","hentry","category-howtos","category-openvpn","category-security","category-vpn","tag-centos-8","tag-nmcli-connect-openvpn","tag-openvpn-centos-8","tag-openvpn-gnome-network-manager","tag-openvpn-ubuntu-18-04","tag-ubuntu-18-04","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/5465"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=5465"}],"version-history":[{"count":5,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/5465\/revisions"}],"predecessor-version":[{"id":5486,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/5465\/revisions\/5486"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=5465"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=5465"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=5465"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}