How to add openvpn connection in the GUI using .ovpn .p12 and .key files
Turns out I had ipv6 enabled, and because it wasn't configured correctly on my laptop the whole thing broke down. After disabling ipv6 in the ipv6 tab it works like a charm.
So as a tip for future users banging their head like I did; disable ipv6 when in doubt.
Regardless, I wish you all a beautiful day!
Related videos on Youtube
kramer65
Updated on September 18, 2022Comments
-
kramer65 over 1 year
I'm trying to install an openvpn connection on my Ubuntu 18.04 laptop.
From my openvpn provider I got a username/password and a zip containing three files:
myvpn.openvpn myvpn.p12 myvpn.key
The
myvpn.openvpn
file looks like this (just replaced the ip address by stars):dev tun persist-tun persist-key cipher AES-256-CBC auth SHA1 tls-client client resolv-retry infinite remote ***.***.***.*2 1194 udp verify-x509-name "MyVPN" name auth-user-pass pkcs12 myvpn.p12 tls-auth myvpn.key 1 remote-cert-tls server redirect-gateway def1
I tried connecting from the command line, which works perfectly fine using
sudo openvpn --config myvpn.ovpn
But since I need to connect to this vpn all the time I want to be able to do it using the GUI. So I'm trying to follow this guide on askubuntu, but it doesn't behave like in the screenshots. When I try to add a new vpn connection in the gui and select the option to "Import from file" and select the
.openvpn
file it automatically sets things up like this (UI is in Dutch, but I guess most of it should be understandable for English speakers):The first thing that I noticed is that it selects the .p12 file for the
CA-Cert
, theUser Cert
and theUser Private Key
. Next to that it asks for a username and password (which I have), but also for a "Password User Key" (the last input field) of which I have no clue what it is. I tried various combinations, but I always get the same error (also translated from Dutch):Activation of network connection failed
I guess the variation which comes closest to the command line option is this one:
But that gives the same error.
Then there's also the button "Advanced..". Opening that scared the shit out of me. I simply have no idea where to begin in there.
Does anybody know how I can get this working somehow? Why is the command line option working perfectly, but is the UI so hard to get going? All tips are welcome!
-
Organic Marble almost 6 yearsInspect the .ovpn file for sections labeled key, crt, ca, etc. You may have to cut this file up into sections and point the gui to them. (I've had to do this) Didn't post as answer because no clue what the p12 file is.
-
kramer65 almost 6 years@OrganicMarble - I added the contents of the
myvpn.openvpn
file to my question. To me it doesn't give any new info. Does it give you any hints? -
Organic Marble almost 6 yearsThanks. From that, it looks like the GUI option that you posted in your first image ( in English, Password with Certificates (TLS)) is the right choice. Just a guess, will it allow you to set User Private Key to "none", since I don't see one?
-
kramer65 almost 6 years@OrganicMarble - No I can't set "User Private Key" to none. When I click it, it automatically opens a file picker. And when I use it like that and try to connect, it asks for the "User Key Password". I have to give something, so when I simply give the regular vpn password I gave before, it tries to connect, which takes longer than usual. But in the end that also fails with the same error. Any other ideas?
-
kramer65 almost 6 years@OrganicMarble - I was just thinking I can maybe list an issue with the developers of this network utility. The only thing I found was this though: tracker.debian.org/pkg/network-manager-openvpn . On that page I can't find any place to list an issue (also not on their gitlab page). Any ideas how I could contact them?
-
kramer65 almost 6 yearsAfter some searching I found this page on how to report bugs to the debian team: debian.org/Bugs/Reporting . I tried installing reportbug, but that is a bit too advanced for me. And reporting a bug via email is also not easy because it needs to adhere to a certain specific standard. So I guess reporting it as a bug is not really "in my league".
-
s1mmel almost 6 yearsAFAIK remember I had the same issue. The last password I think I used the same password as above, or none at all. I don't remember, sorry.
-