Engineering Network Services - CSU

Engineering Network Services
Engineering Network Services home page link College of Engineering home page link
 

VPN Information for Linux

SSL VPN

These instructions are provided as a courtesy. The SSL VPN is supported by ACNS, not ENS. Please contact ACNS if you have any issues with this tool.

The Engineering SSL VPN does not work with the CSU wired network, but will work from the CSU wireless network, and from off-campus connections (wired or wireless).

  1. Make sure you have the latest Java Runtime Environment installed.
  2. Go to https://secure.colostate.edu/engr and login with your CSU eName and ePassword.
  3. Type in your local machine account password for elevated privileges when prompted to install the java applet for the first time.

Once the applet installs, the web page will remain up. You can minimize the window or even close it and work as desired. There is a padlock icon in the System Tray Double-clicking this will display the connection properties, including the IP address you've been assigned. Closing this window will disconnect the secure session.

Now what? You may wish to mount network drives or connect to a server.

Open VPN

  1. Install OpenVPN and the OpenVPN NetworkManger addon by entering the approprate command in a terminal window:
    • For Ubuntu: sudo apt-get install openvpn network-manager-openvpn
    • For Fedora: sudo yum install openvpn NetworkManager-openvpn
  2. Download the CA certificate, client certificate, and the client key.
  3. Restart the Network manager or restart the machine.
    sudo /etc/init.d/NetworkManager restart
  4. Configure your VPN connection from the NetworkManager icon in the system tray, VPN Connections -> Configure VPN
  5. Use the following settings
    1. Gateway address: vpn.engr.colostate.edu
    2. Change the Authentication type to "Password and Certificate (TLS)" (Ubuntu 9.04+). For Ubuntu 8.04 use "X.509 with Password Authentication"
    3. The username is your Engineeering username.
    4. Give the paths to the CA file, the Certification file, and the key from step 2.
    5. Click on Advanced and check "Use LZO data comression".
  6. Click Apply to finish.
  7. To connect just select the VPN connection that you created from the NetworkManager tray icon.

To use Open VPN without the NetworkManager:

  1. Install OpenVPN by entering the approprate command in a terminal window:
    • For Ubuntu: sudo apt-get install openvpn
    • For Fedora: sudo yum install openvpn
  2. Download the CA certificate, client certificate, client key and the configuration files and move them to the /etc/openvpn folder.
  3. Change the prermissions on the key file to remove read and execute premissions for group and others:
    sudo chmod go-rx /etc/openvpn/engr.key
  4. To connect, open a terminal window and run this command:
    sudo /etc/init.d/openvpn start
    You will login with your Engrineering username and password.
  5. To disconnect, run this command:
    sudo /etc/init.d/openvpn stop

Now what? You may wish to mount network drives or connect to a server.

  
layout image
layout image

This document last modified Wednesday September 21, 2011


Engineering Network Services home page link College of Engineering home page link