Consider securing your insecure connection
between you and remote resources,protecting your privacy,bypassing
reasonable restrictions,better connectivity or port forwarding ,using VPN is a
certain way to do so.
OpenVPN makes it easy to setup and use a
Public Key Infrastructure (PKI) to use SSL/TLS certificates for authentication
and key exchange between the VPN server and clients.OpenVPN can be used in
a routed or bridged VPN mode and can be configured to use either UDP or TCP.And
it is only using that single port for all communication.VPN client
implementations are available for almost anything including all Linux
distributions,OS X,Windows,OpenWRT based WLAN routers.
I
recently felt the need for a VPN while installing Spotify.I had to install it
by adding Spotify repositories into my /etc/sources.list because the .deb or
.rpm file was not available.Using proxies I could only browse the Spotify home
page.I had to use proxy because I am using a network in which some resources
are kept restricted.Doing this helped me get my hands on the repositories.
Updating
my sources.list file,I hit update on my terminal.The repositories that I added
were supposed to fetch and install Spotify but it didn’t.
It
was then realized that I need OpenVPN to fetch the files from restricted
resources using my terminal.
To
configure OpenVPN you require the zip file VPNBook-OpenVPN_US.
You can download it from this link - VpnBook
Steps:
1)Extract
the zip.On extracting you will find 4 text files already present in it.
2)Next
you need to create 3 text files in the extracted folder naming
them
“ca.crt” , ”certificate.crt” , ”key.key”.
3)Now
open any one of the 4 files which were present in the zip.I chose
vpnbook-us-1-tcp443.ovpn.
4)You’ll
see some predefined configurations.Here we are interested only in the
certificates.
5)Copy
the ca certificate between <ca>................</ca>.Paste it into
your ca.crt file and save it.
6)Follow
the same for other certificate and paste
it into certificate.cert.
7)Copy
the key between <key>.........</key> and paste it into key.key.
8)Next
you need to install VPN plugin.Install it by entering the following command
sudo apt-get install network-manager-openvpn
9)Next
click on your network icon on the status bar,under VPN connections choose
Configure VPN.
10)A
dialog should appear asking you the type of connection you want to setup.Choose
OpenVpn.
11)If
in case you do not see such option then execute following command.
sudo apt-get install network-manager-openvpn
network-manager-openvpn-gnome
12)After
selecting OpenVPN,hit OK.It should bring you to Edit VPN dialog box.Provide VPN
name according to your wish.
13)Now
open the same text file from which you copied your certificates.Copy the IP
address corresponding to remote and paste it into the gateway in the Edit VPN
dialog box.
14)Under
Authentication choose the type “Password with certificates(TLS)”.
15)The
username and the password are mentioned on the same site you downloaded the VPNBook zip.
16)Now
for User Certificate browse and choose the file certificate.crt , for CA
certificate choose ca.crt ,and for Private Key choose key.key.
(All
these 3 files you have already created by pasting certificates inside them ).
17)Leave
the Private Key Password textbox empty.
18)Click
Advanced option at the bottom.Select Use custom gateway port and enter the port
number which is present right next to remote ipaddress you copied previously.
I
chose the file with tcp433.ovpn so it was 433 for me.
19)Also,tick
Use LZO and TCP connection options.
20)Next,click
on security tab,and choose Cipher to AES-128-CBC.
21)Hit
OK and then hit save.
22)When
you are done with this,click on the network icon,choose VPN Connections,and the
name of your newly created VPN should appear there.Click on it to set that
vpn.You should see a message displaying VPN Connection Successful.That’s it.
After
doing this,and connecting my system to vpn,I hit update on my Linux once again
and then tried to install Spotify client , and voila! It started installing Spotify
client on my Ubuntu.
nice and easy,
ReplyDeleteworking properly.