VPN - eduVPN - Installation Linux (ubuntu)
Overview
There are two ways to install eduVPN on Linux. eduVPN ist built upon OpenVPN. You can choose between using eduVPN-GUI or OpenVPN. Then you have to download a profile.
eduvpn-GUI
- easy renewing your expired profiles
OpenVPN with downloaded profile
- slimmer installation
NetworkManager always adds a default route. This results in to all data passing the VPN tunnel. See Network Manager und default Route
eduVPN-GUI
you can install eduVPN from https://www.eduvpn.org/client-apps/ Select tab Linux
On the web page https://python-eduvpn-client.readthedocs.io/en/master/ navigate to Debian and Ubuntu or your preferred Linux installation. This guide uses Ubuntu. https://python-eduvpn-client.readthedocs.io/en/master/installation.html#debian-and-ubuntu
Follow the instructions to install the eduVPN-GUI client.
After successful installation, start the eduVPN client.
Now select the appropriate Server by simply typing a keyword. In case this does not work, please enter the institution's name. Select the entry below Institute Access
| Institution | Keyword | Configuration Guide | eduVPN server |
|---|---|---|---|
| University of Applied Sciences Munich via LRZ-VPN | hm.edu | VPN - eduVPN - Konfiguration für HM | hm.eduvpn.lrz.de |
| Weihenstephan-Triesdorf University of Applied Sciences via LRZ-VPN | hswt.de | VPN - eduVPN - Konfiguration für HSWT | hswt.eduvpn.lrz.de |
| Leibniz Supercomputing Centre via LRZ-VPN | lrz.de | internal documentation | int.eduvpn.lrz.de |
| University of Munich via LRZ-VPN | lmu.de | VPN - eduVPN - Konfiguration für LMU | lmu.eduvpn.lrz.de |
| Technical University of Munich via LRZ-VPN | tum.de | VPN - eduVPN - Konfiguration für TUM | tum.eduvpn.lrz.de |
| Other VPN institutions with VPN affiliation | mwn.de | VPN - eduVPN - Konfiguration für andere Einrichtungen | rad.eduvpn.lrz.de |
OpenVPN with eduVPN configuration profile
Requirements:
- OpenVPN
- OpenVPN Plugin for Network Manager
To get the profile you have to log on to your institution's VPN server. Select the server on from the table above in the last column.
Select the tab Configurations
Expand the page. Now you can download configuration profiles. You need an extra configuration profile for every device you use. Give a speaking name to your profile to tell them apart.
The file name is built from these parts:
SERVERNAME_PROFILENAMEINTERN_DATE_YOURNAME.ovpn
You can manually check or even use your configuration profile from the command line:
$ sudo openvpn --verb 3 --config configuration.ovpn
To import your profile into NetworkManager open network setting in system settings:
Click on the little plus sign next to VPN
Here you can import your configuration profile.
Network Manager und Default-Route
To correct the routing select:
- use this connection only for Ressources on its Network
within IPv4 and IPv6 settings.
Save your Network profile.
You can check your setting with nmcli in a terminal:
# Checkbox gesetzt, Routing o.k. $ nmcli conn show eduVPN | grep never-default ipv4.never-default: yes ipv6.never-default: yes # Checkbox nicht gesetzt, zusätzliche default Route $ nmcli conn show eduVPN | grep never-default ipv4.never-default: no ipv6.never-default: no
You may as well configure this setting in NetworkManager's settings. Insert at [ipv4] and at [ipv6] never-default=true . The activate these new settings
/etc/NetworkManager/system-connections/eduVPN [connection] id=eduVPN uuid=8050532c-116f-11ec-93b7-23a58eab4fe8 type=vpn permissions= [vpn] ... [ipv4] dns-search= method=auto never-default=true [ipv6] addr-gen-mode=stable-privacy dns-search= method=auto never-default=true
sudo systemctl restart NetworkManager.service
On the VPN server web frontend you may administer and optionally delete your profiles.
