设置 VPN 客户端

Question 1

这是我为使其正常工作而遵循的程序。网络管理器中有一个错误，它无法正确执行 ovpn 导入 - 自 2010 年以来 (!)

https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/606365

在这个问题解决之前，我找到了这个网站

http://howto.praqma.net/ubuntu/vpn/openvpn-access-server-client-on-ubuntu

程序

Create a new folder in your home dir - I called mine vpn.config
Copy your downloaded client.ovpn file into the new folder

Open client.opvn in an editor

Open a new file
Cut the lines between <ca> tags in client.ovpn
Paste into new file, save this file as ca.crt
Remove both <ca> tags from client.ovpn

Open a new file
Cut the lines between <cert> tags in client.ovpn
Paste into new file, save this file as client.crt
Remove both <cert> tags from client.ovpn

Open a new file
Cut the lines between <key> tags in client.ovpn
Paste into new file, save this file as client.key
Remove both <key> tags from client.ovpn

Open a new file - this is the last one :-)
Cut the lines between <tls-auth> tags in client.ovpn
Paste into new file, save this file as ta.key
Remove both <tls-auth> tags from client.ovpn

And remove this line:
key-direction 1


Now position the cursor in client.ovpn, right above the line # -----BEGIN RSA SIGNATURE-----

Insert the following lines

ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1

Save and close all the files.

Goto Network Manager -> Edit Connections ->VPN
click Import, browse to the modified client.ovpn in the folder you recently created - and where your certificates are, and import that file
Enter vpn username and password if prompted
On the VPN page, select Advanced
On the General Tab, uncheck the first option, "Use custom gateway"

Save

Use...

Answer

这是我为使其正常工作而遵循的程序。网络管理器中有一个错误，它无法正确执行 ovpn 导入 - 自 2010 年以来 (!)

https://bugs.launchpad.net/ubuntu/+source/network-manager-openvpn/+bug/606365

在这个问题解决之前，我找到了这个网站

http://howto.praqma.net/ubuntu/vpn/openvpn-access-server-client-on-ubuntu

程序

Create a new folder in your home dir - I called mine vpn.config
Copy your downloaded client.ovpn file into the new folder

Open client.opvn in an editor

Open a new file
Cut the lines between <ca> tags in client.ovpn
Paste into new file, save this file as ca.crt
Remove both <ca> tags from client.ovpn

Open a new file
Cut the lines between <cert> tags in client.ovpn
Paste into new file, save this file as client.crt
Remove both <cert> tags from client.ovpn

Open a new file
Cut the lines between <key> tags in client.ovpn
Paste into new file, save this file as client.key
Remove both <key> tags from client.ovpn

Open a new file - this is the last one :-)
Cut the lines between <tls-auth> tags in client.ovpn
Paste into new file, save this file as ta.key
Remove both <tls-auth> tags from client.ovpn

And remove this line:
key-direction 1


Now position the cursor in client.ovpn, right above the line # -----BEGIN RSA SIGNATURE-----

Insert the following lines

ca ca.crt
cert client.crt
key client.key
tls-auth ta.key 1

Save and close all the files.

Goto Network Manager -> Edit Connections ->VPN
click Import, browse to the modified client.ovpn in the folder you recently created - and where your certificates are, and import that file
Enter vpn username and password if prompted
On the VPN page, select Advanced
On the General Tab, uncheck the first option, "Use custom gateway"

Save

Use...

Question 2

从 Ubuntu 软件中心安装network-manager-openvpn-gnome（通常在搜索 openvpn 时，它会在搜索结果中隐藏，除非您单击窗口底部的“显示 XX 技术项目”）。

或者可以使用终端（++ Ctrl）：AltT

sudo aptitude install network-manager-openvpn-gnome

此后，连接到 openvpn VPN 的选项将出现在

网络管理器 -> VPN 连接 -> 配置 VPN

Answer

从 Ubuntu 软件中心安装network-manager-openvpn-gnome（通常在搜索 openvpn 时，它会在搜索结果中隐藏，除非您单击窗口底部的“显示 XX 技术项目”）。

或者可以使用终端（++ Ctrl）：AltT

sudo aptitude install network-manager-openvpn-gnome

此后，连接到 openvpn VPN 的选项将出现在

网络管理器 -> VPN 连接 -> 配置 VPN

Question 3

您可能遇到的一些问题的解决方案：

无连接/断开 WiFi

从菜单中选择配置VPN。
选择您遇到问题的VPN。
单击编辑。
单击 IPv4 选项卡。
点击路线
选中“仅将此连接用于其网络上的资源”复选框。

来源

无法连接到 VPN 中的主机 - 防火墙配置

在此文件中：

sudo gedit /etc/firestarter/user-pre

添加以下规则：

iptables -A INPUT -j ACCEPT -s xxx.xxx.xxx.xxx -p esp
iptables -A INPUT -j ACCEPT -s xxx.xxx.xxx.xxx -p udp -m multiport -sports isakmp,10000
iptables -A INPUT -j ACCEPT -i tun+
iptables -A OUTPUT -j ACCEPT -d xxx.xxx.xxx.xxx -p esp
iptables -A OUTPUT -j ACCEPT -d xxx.xxx.xxx.xxx -p udp -m multiport -dports isakmp,10000
iptables -A OUTPUT -j ACCEPT -o tun+

将 xxx.xxx.xxx.xxx 替换为您的 VPN 网关的 IP 地址。

来源

Answer