ubuntu 16.04 openvpn client setup
I am trying to connect to an openvpn server using Network Manager in Ubuntu 16.04. I have imported the connection configuration provided by the server using the Network Manager GUI. Here is the config.ovpn text:
client
dev tap
proto udp
remote XX.XX.XX.XX 12974
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
cipher AES-128-CBC
comp-lzo
verb 5
In addition to the imported configurations, I have also changed IPv4 Settings to 'Automatic (VPN) addresses only' and checked 'Ignore automatically obtained routes'.
When I attempt to initiate the connection as an unprivileged user (this user doesn't even have sudo privileges), the connection fails. Executing the command 'openvpn ~/config.ovpn' as root appears to connect although I am unable to ping any IPs connected to the VPN (including the gateway). The output shows:
TUN/TAP device tap0 opened
TUN/TAP TX queue length set to 100
Initialization Sequence Completed
Just a few lines before that though, I see the following:
SENT CONTROL [netgear]: 'PUSH_REQUEST' (status=1)
PUSH: Received control message: 'PUSH_REPLY,route 172.28.0.1 255.255.
OPTIONS IMPORT: timers and/or timeouts modified
OPTIONS IMPORT: route options modified
OPTIONS IMPORT: route-related options modified
ROUTE_GATEWAY 192.168.
OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
OpenVPN ROUTE: failed to parse/resolve route for host/network: 172.28.0.1
Searching through OpenVPN's community documentation suggests that this might be because I need to reconfigure openvpn to run as an unprivileged user, but the instructions for doing so appear to be slightly outdated. Other places seem to suggest that I need to setup a static route or static 'tap' interface. I've also
So, to be clear, I need to be able to connect to the VPN as an unprivileged user. If I need to grant limited sudo privileges to users that require access to the VPN, I will do that. It is not clear to me that this is the fix though. I am familiar enough with RedHat and CentOS to feel comfortable doing whatever needs to be done (nmcli, firewall-cmd, selinux, etc.), although I am a little unfamiliar with the CLI and GUI tools available in Ubuntu. Any info or direction would be enormously helpful.
Question information
- Language:
- English Edit question
- Status:
- Expired
- For:
- Ubuntu Edit question
- Assignee:
- No assignee Edit question
- Last query:
- Last reply: