Installation

If not already available, first install the OpenVPN package. For example, via the command line with the command sudo apt-get install openvpn.

Graphical configuration

Preparation

The graphical configuration of the maths VPN is carried out via the NetworkManager. The extension network-manager-openvpn is also required for this. On some systems, network-manager-openvpn-gnome is also required. Both can be installed using the sudo apt-get command, specifying the two extensions. The service must then be restarted with the command sudo service network-manager restart.

Configuration

The configuration itself takes place in the aforementioned NetworkManager, which can be opened both in the Start menu under Connections and via the connection icon in the toolbar. A new connection is to be created there, where the OpenVPN option is selected under VPN connection types. The following settings must be made:

Important: This is not the normal password (e.g. for webmail) but a separate one. If you do not yet have VPN access data or if you have forgotten your password, please contact a member of staff at the computer centre.

The certificate required for the CA certificate field can be downloaded here and can be stored in a separate VPN folder, for example.

A few adjustments must also be made under Advanced .

1. general: Select the items Use custom UDP fragment size (1300) and Limit maximum TCP segment size (MMS), while all other items must remain deactivated.

2. security: Set cipher to standard andHMAC authentication to SHA-384 and deactivate Use user-defined size of code key.

3. TLS legitimisation: Verification of the server certificate is no longer used and can therefore be set to do not verify. Instead, the option Verify the remote peer's certificate using the signature must be activated and Server must be selected for the TLS type of the remote peer.