Setting Up a VPN on Ubuntu Posted on September 8, 2013 by Alvin Bryan Setting up a VPN on Ubuntu is different from VPN setups on other operating system varieties. The general guide below will help you to find the settings you need to check to prepare your systems for VPN connections. You should also look at the guides prepared for you by your choice of VPN provider for specific software setups.General Guidelines for Setting Up a VPN on UbuntuTo prepare a system for a VPN to work properly, you need to have some general knowledge of networks. Some specific knowledge of routers, firewalls and VPN protocols may also be needed. The first step in setting up a VPN on Ubuntu is making sure that you have support for the VPN protocol that works with Ubuntu. Below is the list of protocols and the indicative codes:PPTP (Microsoft VPN): sudo apt-get install network-manager-pptpCisco VPN: sudo apt-get install network-manager-vpncOpenVPN: sudo apt-get install network-manager-openvpnTo start setting up a VPN on Ubuntu, click on the network-manager found in the system tray. Select “VPN Connections” then “Configure VPN” and “Add”. If the added VPN connection does not automatically appear on the list, try restarting the network-manager. You can use the following code: killall nm-applet; nm-applet &. The VPN connection should now appear on the network-manager list.Setting Up a VPN on Varieties of UbuntuSome variations of Ubuntu have slightly different setup procedures. Please scroll down to find your system and follow the instructions there.Kubuntu Feisty 7.04For Kubuntu Feisty, the additional package needs to be installed: network-manager-gnome. To install NetworkManager, use this code: sudo apt-get install network-manager. Then, to install the GNOME applet / indicator, use: sudo apt-get install network-manager-gnome. The network-manager-pptp plugin is installed by default. But if you need VPN support via the network manager, you will need to install network-manager-openvpn, network-manager-vpnc, or network-manager-openconnect. On GNOME, you will need to install the -gnome packages for the VPN plugin you choose, either network-manager-openvpn-gnome, network-manager-vpnc-gnome, or network-manager-openconnect-gnome. For more help on this part, please see the Ubuntu Help Network Manager page.When this is set up, run the code: sudo apt-get install pptp-linux. Then create the file: /etc/ppp/peers/YOUR_COMPANY with this content: “pptp YOUR_VPN_GATEWAY –nolaunchpppd”debugnodetachlogfd 2noproxyarpipparam YOUR_COMPANYremotename YOUR_COMPANYname YOUR_DOMAIN_OR_SERVER_NAME\\YOUR_VPN_LOGINrequire-mppe-128nobsdcompnodeflatelocknoauthrefuse-eaprefuse-chaprefuse-mschapThen add this to /etc/ppp/chap-secrets: YOUR_DOMAIN_OR_SERVER_NAME\\YOUR_VPN_LOGIN * YOUR_VPN_PASSWORD * and create the file: /etc/ppp/ip-up.d/add-subnet with content similar to: [ "$PPP_IPPARAM" = "YOUR_COMPANY" ] || exit 0 route add -net 192.168.100.0/24 dev $PPP_IFACE After this, run: sudo chmod a+x /etc/ppp/ip-up.d/add-subnet Now you can connect to the VPN with this code: sudo pon YOUR_COMPANY. To disconnect, press Ctrl+C or close the terminal.Ubuntu 8.10These are the instructions for connecting Ubuntu 8.10 to a Microsoft VPN. First you will need to install the network-manager-pptp and pptp-linux packages. Then open Network Configuration Under “System” and “Preferences”. Select your VPN connection and click “Edit”. On the IPv4 Settings tab, choose the method “Automatic (VPN)”. On the VPN tab, enter the IP address of the computer you will connect to. Then enter the username. If you are connecting to a domain, enter the domain.Click the “Advanced” button and go to “Authentication”. Uncheck the PAP box and check CHAP, MSCHAP and MSCHAPv2. In the “Security and Compression” section, check “Use Point-to-point encryption (MPPE)” and select the 128-bit option for highest encryption security. Then check “Allow stateful encryption”. Finally, in the Echo section, check “Allow PPP echo packets”, click “OK”, and exit.Ubuntu 9.10These are the Ubuntu 9.10 settings for PPTP to an MS VPN on both x86 and x64 for Microsoft PPTP, Cisco and OpenVPN. For system upgrades, additional support may be needed. You can contact your provider for specific information. When dealing with different firewalls and VPNs, there can be many variations on these implementations, so please contact support if you need additional configuration details.First, install the various VPN components: PPTP, pptp-linux, and network-manager-pptp. For VPNC, use: network-manager-vpnc. For OpenConnect, use: network-manager-openconnect. Then reboot before you begin the PPTP VPN configuration for connecting to ISA 2004/2006 PPTP VPNs and MS PPTP VPN implementations. Create new PPTP connection and set the connection name on the VPN Tab Settings. Set the Gateway and username or domain\username. Click the “Advanced” button and go to “PPTP Advanced Options”. Uncheck all the authorization methods except for MSCHAPv2, then check “Use Point-to-Point encryption (MPPE)”. Confirm that “Security” is set at “All Available” rather than any specific setting. Check “Allow stateful inspection”, and uncheck “Allow BSD Data Compression”, “Allow Deflate Data Compression”, “Use TCP Header Compression”, and “Send PPP Echo Packets”, then save your configuration. To test the connection, enter the password but do not save. When a connection is established, verify that you have remote connectivity (ping, rdp, ssh) then disconnect. When you connect again, you can check both of the save password boxes, then verify remote connectivity again. The next time you use the VPN, it should connect automatically.For VPNC VPN configurations, create new VPNC connection and set the Gateway and Group Name. Set the User Password to “Saved” then enter the password, and set the Group Password to “Saved” and enter the password. Set the username and domain if you are connecting to a domain. Confirm that the Encryption Method is set to “Secure (Default)” and set the NAT traversal to “NAT-T” then save your configuration. Open the VPNC connection and choose “Always Allow” if you are prompted. Verify remote connectivity (ping, rdp, ssh) if you want the VPN to connect automatically.For OpenConnect VPN configuration, create a new OpenConnect connection and set the Name and Gateway, and set the “Authentication” to “Password/SecurID” and save your configuration. Open the VPN connection and check the “Automatically start connecting next time” box, then close the connection. You will see a message that says “No Valid VPN Secrets”. Open the VPN connection again and accept the certificate if you are prompted. Change the Group if you need to and enter the username and password. Use the domain\username if you are connecting to a domain. Enter the password and log in. If you cannot connect, do not change any configuration settings. OpenConnect is known for connection issues. Just wait about 20 minutes and try again. If it fails to connect, try using the domain\username. Contact support if you cannot connect. If you are able to connect, verify remote connectivity (ping, rdp, ssh) then disconnect. You should be able to connect again by entering the password.ExpressVPN Ubuntu SetupUsing VPN software on Ubuntu is simpler than configuring a client. Your chosen VPN provider should provide you with clear instructions for setting up a VPN on your variety of Ubuntu. As a sample, we have laid out here the step-by-step process of setting up ExpressVPN on Ubuntu.First, go to “System”, then select “Preferences” and “Network Connections”. Go to the VPN tab and click the “ADD” button. Select Point-to-Point Tunneling Protocol (PPTP) from the drop down menu and click the “Create” button. Verify that “ExpressVPN” is entered in the “Connection name” box. Enter the Gateway and the user name and password that were provided by the ExpressVPN support team. Go to the “Advanced” tab and check the “Use Point-to-Point encryption (MPPE)” box, then click the “OK” and “Apply” buttons and “Close”. On the top right hand of the screen, click on “Network Connections” then choose the ExpressVPN connection under the “VPN Connections” dropdown. You will know that you are connected to ExpressVPN when you see the lock icon in the bar at the top of your screen.