This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
it_tips:luvpn [2020/03/13 16:48] florido [LUVPN on OpenSuSE 15.1] |
it_tips:luvpn [2020/05/08 15:56] florido |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== Connecting to the LU VPN ====== | ====== Connecting to the LU VPN ====== | ||
+ | |||
+ | :!: **20200508** These instructions have been updated. LU changed the way to connect to the VPN. I am investigating whether encryption is enforced. :!: | ||
The Lund University VPN is a system to secure connect from outside the LU network to | The Lund University VPN is a system to secure connect from outside the LU network to | ||
Line 49: | Line 51: | ||
# strictcrlpolicy=yes | # strictcrlpolicy=yes | ||
# uniqueids = no | # uniqueids = no | ||
- | enforceencaps = yes | + | forceencaps = yes |
</code> | </code> | ||
- restart the l2tp and ipsec services with this command: <code bash>sudo systemctl restart xl2tpd strongswan</code> | - restart the l2tp and ipsec services with this command: <code bash>sudo systemctl restart xl2tpd strongswan</code> | ||
+ | |||
+ | ==== Known issues ==== | ||
+ | |||
+ | Sometimes when restarting networking the icon on the upper right corner shows that you're disconnected, and the VPN will not connect any longer. It is a gnome3 bug that affects network manager. To solve, it is enough to restart gnome3 by doing the following: | ||
+ | |||
+ | - Press ''Alt'' and ''F2'' | ||
+ | - In the dialog that appears, type ''r'' and press enter | ||
+ | |||
+ | The icon should be restored. | ||
+ | |||
Line 62: | Line 74: | ||
- Click on the **+** plus symbol in the connection manager to add a new connection. {{ :it_tips:luvpn_os15_addconnection.png |}} | - Click on the **+** plus symbol in the connection manager to add a new connection. {{ :it_tips:luvpn_os15_addconnection.png |}} | ||
- Select the VPN type L2TP {{ :it_tips:luvpn_os15_selectl2tp.png |}} | - Select the VPN type L2TP {{ :it_tips:luvpn_os15_selectl2tp.png |}} | ||
- | - Configure the VPN as shown in the figure, then click OK. {{ :it_tips:luvpn_os15_configvpn.png |}} | + | - Configure the VPN as shown in the figure, then click Save. {{ :it_tips:luvpn_os15_configvpn.png |}} |
- The VPN is now listed in the network manager. Click OK. {{ :it_tips:luvpn_os15_vpndone.png |}} | - The VPN is now listed in the network manager. Click OK. {{ :it_tips:luvpn_os15_vpndone.png |}} | ||
- | - In order to connect, click on the small computer icon in the lower right corner, identify the VPN network and click on "Connect" {{ :it_tips:luvpn_os15_vpnconnect.png |}} | + | |
- | - You may be prompted for your LUCAT password. If all goes well, you should see this icon in the lower left corner: :FIXME: | + | ==== Connecting to the VPN ==== |
- | - The connection is now established, however is not very secure. You may need to configure IPsec to encrypt it, see later in this document. | + | |
- | - To disconnect, open the network manager icon again and click "Disconnect" | + | - In order to **connect**, click on the small computer icon in the lower right corner, identify the VPN network and click on "Connect" {{ :it_tips:luvpn_os15_vpnconnect.png |}} |
- | - Sometimes the applications do not react well after a vpn disconnect. Restarting NetworkManager doesn't help in opensuse, it just messes up with its configuration. The best is to logout and relogin. | + | - You may be prompted for your LUCAT password. If all goes well, you should see this icon in the lower left corner: {{ :it_tips:luvpn_os15_connected.png?600 |}} |
+ | - The connection is now established, however it is not very secure. You may need to configure IPsec to encrypt it, see later in this document. | ||
+ | |||
+ | ==== Disconnect from the VPN ==== | ||
+ | - To **disconnect**, open the network manager icon again and click "**Disconnect**" | ||
+ | - Sometimes the applications do not react well after a vpn disconnect. Restarting NetworkManager doesn't help in openSuSE, it just messes up with its configuration. The best is to close and reopen the application or logout and relogin. | ||
==== ::WIP:: Enabling IPsec ::WIP:: ==== | ==== ::WIP:: Enabling IPsec ::WIP:: ==== |