How to configure VPN on Linux

13 Dec 2021

Everyone wants to have secure and private access to the Internet and using a VPN is one of the ways to achieve that. In this article, you will learn how to configure the most popular VPN protocols on Linux (OpenVPN, Cisco AnyConnect, SSL-VPN, L2TP/IPsec)

Content

What is a VPN?
What are the benefits?
How to configure VPNs on Linux
Conclusion

SUBSCRIBE for more Linux Videos

What is a VPN?

A VPN (Virtual Private Network) is software that encrypts your data and moves it through a “tunnel” between your computer and a remote network. This makes your data secure and safe when you are connected to any network online because your computer is not directly exposed to the Internet. It is shielded by a remote network to which you connect with the VPN software.

What are the benefits?

Using a VPN can be very beneficial, even for those who think one is not needed. It bears several benefits.

Your data is encrypted

When you are connected to a public network, any information is at risk to hackers. Bank details, personal information, and more can be at risk if you are not protected. Some internet service providers (IPS) are not fair and may collect and sell your internet activity data. By using a VPN, you encrypt all the traffic going to and from your computer and thus protect yourself from these issues.

Mask your IP address

When you use a VPN, your IP address is not known to the Internet, because all your activity looks like it goes from the IP address of your VPN instead of your real IP. This may be extremely useful if you need to protect your identity.

Access restricted content

Certain websites restrict access to their content only to local users. For example, many media websites have such restrictions and you may not be able to access them when you are abroad. I showed how you can fix this issue by using the IP settings in the TOR browser. Using a VPN is a more elegant solution because there is no connection slow-down as in TOR. Many VPN services provide an option to select an IP of any country. So, you may pretend that you access a website from within a country but in fact, you are located outside of it.

Avoid internet speed throttling

Besides selling your data, your internet service provider (IPS) may also be unfair and may throttle or slow down your internet connection when you use too much bandwidth. There are several ways to check if your connection is throttled Using a VPN allows avoiding the monitoring by IPS and thus speed throttling.

Access office computer

You may also need to configure a VPN to be able to connect to your office computer or your work server. Office computers are often protected by the corporate network firewall, and you won’t be able to connect to them directly. You first need to connect to that corporate network using VPN software and only then to your computer/server. Recently many of us started to work remotely, and if configuring a VPN on Linux doesn’t look easy, this tutorial must help you.

How to configure VPNs on Linux

There are many versions of VPNs and they require different settings to make them work. We will have a look at the most common ways to configure VPN on Linux and we will focus on the programs that are available in Linux default repositories and enable VPN connection through the graphical network manager. Our goal is to see an established VPN connection using different VPN protocols. An example of the network manager icon that indicated working VPN in GNOME and KDE:

VPN connection is working

VPN software (DEB, RPM, sh, etc.)

Many VPN services provide a software package or a script that you download and install to get their VPN configured automatically. This is the easiest way to get a VPN working Unfortunately, these packages and scripts may not work equally well on all Linux distros because they are usually tailored only for the most popular Linux distros.

OpenVPN

OpenVPN is one of the most popular software to set up a VPN service. It is open-source software that is used by many businesses. You can even use OpenVPN to set up your own private VPN server.

Most Linux distros have OpenVPN pre-installed and you can find it in the Network settings. If you do not see the OpenVPN option in your network manager, you need to install it:

sudo apt install openvpn network-manager-openvpn network-manager-openvpn-gnome

After the installation, open the OpenVPN settings:

Settings -> Network -> add a new VPN -> OpenVPN

OpenVPN option in Network Manager

And add your VPN credentials. Depending on how your OpenVPN server is configured, you need to use different authentication methods:

Certificates (TLS)
Password
Password with Certificates (TLS)
Static key

I used the Certificates (TLS) method when I set up my private OpenVPN server, so I download all the certificates and keys and specify them this way:

OpenVPN TLS settings

Alternatively, if you have the OpenVPN.ovpn configuration file (file name may be different), you can import it and all the settings will be extracted from it automatically:

Settings -> Network -> VPN -> Import from file…

However, the import option doesn’t work correctly all the time, you can also open the OpenVPN.ovpn configuration file with a text editor and copy-paste the credentials to the network manager.

Cisco AnyConnect VPN

Cisco AnyConnect VPN is another popular VPN software that is used by many businesses and institutions. Often they require you to install Cisco proprietary software that will run on your computer and connect you to the Cisco AnyConnect VPN:

4.Cisco VPN proprietary login window

However, you do not need to install it to be able to connect to the Cisco AnyConnect VPN. Actually, I have had problems with installing the Cisco AnyConnect proprietary client on some computers. I prefer to have more control over my system and use open-source software when possible. Luckily, there is an open-source protocol that is compatible with Cisco AnyConnect. Just install OpenConnect:

sudo apt install openconnect network-manager-openconnect network-manager-openconnect-gnome

After the installation, go to the VPN settings:

Settings -> Network -> add a new VPN -> OpenConnect (Cisco AnyConnect)

Add the VPN address of your Cisco AnyConnect VPN provides to the Gateway and try to connect. You are likely to see this log-in window, where you enter your username and password:

Cisco VPN OpenConnect login window

If your Cisco AnyConnect VPN configuration also requires setting up certificates and scripts, you can add them in the settings window:

Cisco VPN OpenConnect Settings

SSL-VPN

I also have experience working with organizations that use an SSL-VPN (Secure Sockets Layer Virtual Private Network). The documentation on the VPN configuration stated that it was necessary to download and install FortiClient. I prefer to avoid installing third-party software and search for build-in Linux tools to configure an SSL-VPN. Turned out, it exists and it is straightforward to install and configure.

First, install fortisslvpn packages:

sudo apt install network-manager-fortisslvpn network-manager-fortisslvpn-gnome

Then, open its settings and configure it:

Settings -> Network -> add a new VPN -> select Fortinet SSLVPN (fortisslvpn) -> configure using your VPN account credentials

fortisslvpn settings

Usually, you only provide the address/gateway and the user name. You are prompted to enter your password when you try to connect.

L2TP/IPsec

L2TP/IPsec (Layer 2 Tunneling Protocol) is one more protocol of a VPN connection. I use it only occasionally as a backup VPN when the SSL-VPN connection doesn’t work. Its configuration on Linux is similar to other VPNs.

Install l2tp packages:

sudo apt install network-manager-l2tp network-manager-l2tp-gnome

Settings -> Network -> add a new VPN -> select VPN (l2tp) -> add the L2TP credentials -> IPsec Settings -> _add the IPsec credentials

An example of the L2TP settings:

L2TP settings

An example of the IPSec settings:

IPSec settings

Troubleshooting

Most VPN services are simple and straightforward to configure on Linux. You usually need only provide these settings:

Name: Whatever you want to call your VPN
Gateway: It is a web address or IP of your VPN. Sometimes you also need to provide a port number like this: vpn.somewebsite.com:443.
User name: your VPN account username. If your username is your email, try to use only the username without @somewebsite.com.
Password: Usually you can enter and save a password during the configuration in the network manager. But for some VPN, you only enter the user names and you are prompted to type the password when you try to connect.
Keys and certificates: many VPNs require to add keys and certificates to be able to establish a connection. Make sure you have downloaded and added to your configuration all the keys and certificates from your VPN provider. If you cannot find where to add them, check the “Advanced” setting for that VPN connection.

Finally, I have highlighted only the graphical configuration of a few VPNs, but all VPNs can also be configured and tested in the command line. If you have trouble establishing a VPN connection with GUI, try the command-line way. Here, is an example how to configure VPN in the command line on Linux.

Conclusion

Unfortunately, very few organizations provide clear instructions on how to configure a VPN on Linux. Often you have to follow the instructions for Windows and Mac and guess how to adapt them to Linux. However, almost any VPN can be configured on Linux. There was no VPN which I was not able to make work on Linux. I’ve shared my experience of configuring a VPN on Linux. If you have experience configuring other VPN protocols on Linux, please share it in the comments below. Also, if you have problems configuring a VPN on Linux, please comment below and we will try to help you.

Average Linux User Follow I am the founder of the Average Linux User project, which is a hobby I work on at night. During the day I am a scientist who uses computers to analyze genetic data.

Linux Administrator

#VPN
#server

« How to limit network bandwidth in Linux Linux Partitioning Recommendations »

Comments

six industries

August 2th, 2022 11:28

Beneficial article it is, you mentioned about what VPN is and what are its benefits, it helped me alot to get my point. I also posted a blog on my site in which I explained The main purpose and usage of VPN , I would prefer you to must give it a check and drop feedback on it. In it, I have explained the main purpose and usage of VPN that will give pleasure to you in understanding it in detail. Also Six-industries is an IT company, for the sole purpose of delivering IT-related services. Six-industries is one of the best US-based company providing services in cyber security, artificial intelligence, encryption, emergency management, etc. Check our website. Six industries are providing services to users all over the world.

↪︎ Reply to six industries

Never miss a post from us, subscribe to our newsletter

Explore →

Linux Applications (46) Customization (27) Desktops (28) Xfce (10) Themes and Icons (9) Distros (36) Installation Guide (9) Linux Mint (9) Arch Linux (15) Cinnamon (4) Debian (14) Things To do After Install (25) Manjaro (6) GNOME (12) Ubuntu (17) Plasma 5 (17) Review (20) KDE Neon (5) Linux General (14) Command Line (6) Budgie (3) Solus (3) Linux Administrator (10) Windows (2) elementaryOS (3) Linux hardware (2) Pop!_OS (2) Kdenlive (1) MX Linux (3) OBS (1) MATE (1) Garuda Linux (2) Mate (1) Things To Do After Install (1)