Instruction: VPN Configuration for GNU/Linux
Every active MU student or staff member can make use of a VPN. In order to log in, one must use UČO and a secondary password as login data. Please follow the instructions in detail. Not keeping up with this procedure may result in a non-functioning connection.
Connecting via NetworkManager
NetworkManager is now included in most Linux distributions and is the preferred method of connecting to the VPN. The current instructions are written for Ubuntu, but are in principle applicable to most distributions and desktop environments that use NetworkManager.
OpenVPN version 2.4 or higher is required for connection, ideally v2.5. If your distribution only has older versions, it is possible to use the official repositories to install the current version.
After the configuration is imported, fill in the login details in the VPN dialog box. Continue by saving the configuration.
Connecting via Command Prompt
Connecting via the Command prompt is for advanced users and is suitable if you cannot or do not wish to use NetworkManager or other solutions.
To connect, you need to have the OpenVPN package installed.
- Download the configuration file.
- Save the file e. g. to /etc/openvpn/ or locally to your home directory.
This completes the configuration. Starting the OpenVPN tunnel also requires superuser rights and is done using the command:
sudo openvpn --config /etc/openvpn/muni-linux.ovpn
At launching, the program will require Username (enter your UČO here) and Password (enter your secondary password here). To end the VPN tunnel, press Ctrl+C.
To connect via the command prompt as a non-privileged user, consult the OpenVPN wiki.
Running via the command prompt in most distributions does not set up DNS correctly and queries are sent to your provider's servers (called DNS leak). To set up DNS correctly:
- for distributions built on Debian (Ubuntu, Mint, etc.) uncomment the DNS section in the configuration file,
- for other distributions, consult the OpenVPN wiki.
Connecting via the Pritunl Client
Another connection option is using the Pritunl client. This client supports configurations that NetworkManager does not support and can be a good solution e. g. if you need split-tunneling but do not like the command prompt.
The Pritunl client is free, including the source code, but its license is incompatible with the GNU/Linux system, so you won't find it in common distributions. To install it, follow the application's documentation.
Still having trouble with connection?
In case you have trouble connecting, have a look at the list of frequent problems. Also, do not forget to adjust firewall settings (UDP port 1194) so that it allows VPN connection.
Answers to questions about split tunnels, mail settings or passwords can be found in the section Frequently Asked Questions.