Ubuntu VPN Connection for Dummies

Connecting to your Microsoft PPTP VPN server and using remote desktop at work can be critical for those who find themselves working from home from time to time.  Personally, this single issue kept me from getting rid on my dual-boot Ubuntu-Windows setup, until I found a solution.
Yes, configuring your Ubuntu VPN could be a pretty frustrating task. For once Linux does not have a VPN Client configuration wizard like Windows does. In addition Linux is not able to detect and add routes automatically as Windows does and inexplicably practically all Ubuntu VPN tutorials on the web do not explain this. That is why I have written this walk-through.


STEP 1:

You need to install 2 packages, use Synaptic or the Command line if you prefer (If you do the first, it will install the second as a dependency):

network-manager-pptp
pptp-linux

Click on:

Network Connection icon –> VPN Connections –> Configure VPN


At the Network Connections window click on: Add


Click on: Create


STEP 2:

Once you click on “Create” you to get the edit window, these are its sections explained:


1) Connection Name: This is just a name for you to identify the VPN connection you can name it whatever you prefer.

2) Gateway: This is the external IP address of the VPN you are connecting to. (e.g. your workplace, etc.)

3) Username and Password: Enter Username and password of the VPN network you are connecting to.

4) NT Domain: This is the domain name of the network you are connecting to. Some NT domains require you to enter .local following the domain name. Make sure you try this if you connection does not work. Meaning if your domain name is ntdomain try it as both ntdomain and as ntdomain.local


STEP 3:

Click on the “Avanced” button


Under the “Authentication” section

- Uncheck PAP and EAP
- Check CHAP, MSCHAP, MSCHAPv2
- Check “Use Point-to-Point encryption (MPPE)
- Select the type of encryption used on you network. Usually “128-bit (most secure)
- Uncheck all other settings except “Send PPP echo packets”
- Click “OK”


STEP 4:

**optional**

Entering routes:

Back on the Ubuntu VPN client editing window…

- Click on the IPv4 settings tab


1) Leave Method on “Automatic VPN”
2) Click on Routes


1) Address: Enter the internal IP address of the machine you want to connect to
2) Netmask: Netmask of the remote network
3) Gateway: Gateway of the remote network (Usually internal IP address of remote router)
4) Metric: Set Metric to 1

Once you finish reboot your computer and you are done!

Next step, if you are connecting to a Windows based network, will be to connect from your Ubuntu machine to your Windows based machine at work.

Hope this article was helpful in getting your Ubuntu VPN client working as it should. If you have any questions feel free to add a comment to this article.


27 comments:

  1. Steve Grace, 18. August 2011, 20:37

    Thanks for the tutorial! It worked for me on Xubuntu 11.04.

     
  2. Heretic, 11. July 2011, 11:47

    Hello there,
    I have a huge funny problem.
    as long as I connect to my vpn service within Windows [Vista Home Pr.], I have no problem…
    but when I connect via Linux [Ubuntu 10.4 LTS], I can surf only Normal NON-Https websites.
    crystal clear example: I can go to http://www.gmail.com; but I cant log into my email bcuz it goes HTTPS.
    any suggestion?

     
  3. Pablo Garcia, 6. July 2011, 11:21

    Hi Loomis:
    Dial in the wireless link? Windows 7 does this automatically? You mean connect to the router automatically? I am not sure I understand what you mean. Connecting to a wireless router with Ubuntu is extremely easy, probably easier than Windows.

     
  4. al loomis, 6. July 2011, 7:10

    i hoped i could use this clear description of vpn to work around my real problem, which is getting the ‘wireless’ part of the network to fly. no, it don’t do it.

    amazing how difficult it can be to dial in the wireless link, considering win7 does it all automatically. thx anyway.

     
  5. Pablo Garcia, 1. July 2011, 12:23

    Hi Loomis:

    192.168.1.1 will never work. That is an internal address. Addresses starting with 192.168…. 172,16…. and 10.1…. are designed to be used in “private networks” so they are always internal. You have to find out what your external address is, and connect to that address. Use this site to find out the external address at your workplace:

    http://www.ipchicken.com

     
  6. al loomis, 29. June 2011, 22:21

    the 1st edit window ‘gateway’ is described as the external address of the machine you are connecting to. (your workplace). our connection is variable external, 192.168.1.1 internal. that doesn’t work. perhaps the problem is elsewhere, and the internal address is ok?

     
  7. Orlando, 18. February 2011, 18:35

    This is how I got my VPN from http://www.yourprivatevpn.com to work. Thanks to Markus for the tech support.

    Configure via Network Manager GUI:
    1. input the IP address of the target computer.
    2. input your user name. Leave all else blank.
    3. hit Advanced button.
    4. check: MSCHAPv2
    5. check: Use Point-to-point encryption (MPPE)
    6. select: 128-bit
    7. check: Allow stateful encryption
    8. check: Allow PPP echo packets
    9. Leave all else blank. Hit OK, OK to save and get out.

     
  8. Dummy, 7. January 2011, 17:53

    OK I’m a dummy. I did that, but now how do I get it to connect?

     
  9. Gabor, 3. January 2011, 12:00

    Hi,
    sorry for the previous, the link does not appear in the comment.

    here you are

    http://ubuntuforums.org/showthread.php?t=1658384&highlight=vpn

     
  10. Gabor, 3. January 2011, 11:58

    Please help,

    I have a routing problem. The connection initiazed correctly, but the traffic blocked on the vpn connection
    Here is the whole story:

    what shall I write into the routing tab to make it work?
    please also answer to the above forum,

    thanks very much

    Gabor

     
  11. loolooyyyy, 23. December 2010, 20:27

    The VPN connection wont start automatically, how do I start it manually? please don’t refer to clicking the icon on the panel, I have removed everything on panel, and I want it to stay that way (however I tried to get it back there and I couldn’t find the one)
    if you could give me the terminal command I’d be so grateful

     
  12. Ambience (Trackback), 24. September 2010, 16:07
     

    Samsung N150 Mobile Broadband in Linux / KDE…

    If you have Mobile Broadband tab disabled (or greyed out) in the Network Manager in KDE, install the package modemmanager in your favourite package manager. Or do it manually from a command line as shown below: sudo apt-get install modemmanager After r…

     
  13. Syed Zaigham Ali, 24. September 2010, 9:44

    Dear all fellows,

    i have installed Linux i.e ubuntu 10.04 on my PC my service provider uses pptp server so i have installed pptp client and able to connect it successfully but problem is that it unable to browse internet. in windows it works fine.
    Kindly help me out.
    Regard,
    Syed Zaigham Ali.

     
  14. Pablo Garcia, 19. September 2010, 16:17

    Que raro, to tengo 10.04 en la mia y funciona perfectamente, seguiste el articulo paso por paso?

     
  15. carlos, 19. September 2010, 0:49

    en mi pc tengo ubuntu 10.04 y no he podido conectar el VPN siempre me dice: la conexión VPN <> ha fallado Gracias de ante mano

     
  16. AcTech, 7. June 2010, 4:27

    How can I start a second VPN connection? It’s greyed out in the menu if another VPN is active.

     
  17. ugm6hr, 5. June 2010, 15:38

    Thanks. Works for SGUL VPN too. Use Gigolo in Xubuntu 10.04 to mount my shares.
    Why Network Manager can’t manage its routes automatically remains a mystery.

     
  18. Pablo Garcia, 26. May 2010, 8:11

    Thanks Hcream, I corrected the error.

     
  19. HCream, 19. March 2010, 9:07

    Clear step-by-step instructions and screeshots! I just followed them and it works.

    There is a small typo in Step 2: the last description item should be 4) instead of 3).

     
  20. Melusine, 13. January 2010, 12:56

    Hi,

    I’m under kde/openbox and having set up a VPN connection thanks to your advice, through
    sudo systemsettings
    (using the system settings from the menu wouldn’t let me unlock the sudo mode)
    I can’t find the icon anywhere to actually be able to launch my newly created VPN connection. Is there a way to launch the connection through a command line instead ?

    Thanks
    Another dummy

     
  21. Jon, 5. January 2010, 11:17

    Have now got it all working – not sure what the problem was with the route settings as have just re-typed the route in.

    Thanks again.
    Jon

     
  22. Jon, 5. January 2010, 10:47

    Hi,

    I deleted the VPN configuration and went through the process again and have managed to connect now straight away.

    I just have one remaining issue -ir I have a route set along with the ‘Use this connection only for resources on this network’ no traffic seems to go over the VPN, removing the route etc all traffic goes over the VPN which I certainly don’t want as I mustn’t use my client networks for general internet traffic.

    I’m going to continue investigating this and see what I have wrong this time – if anything.

    Thanks for the detailed guide and assistance,
    Jon

     
  23. Michael, 5. January 2010, 0:00

    That worked flawlessly, thank you very much!

     
  24. Pablo Garcia, 4. January 2010, 20:25

    Jon, if you can connect with a Windows computer using the VPN Wizard and it connects fine with no special tweaks, then you should be able to do it with Ubuntu as well. Go through the instructions again and check the encryption type.

     
  25. Jon, 2. January 2010, 6:18

    Hi,

    Thanks for providing the tutorial instructions – they have let me configure one of the VPN links I need but I can’t get it to connect. Even though I enter the user & password details I get the error:
    nm_vpn_connection_connect_cb(): VPN connection ‘Page Associates’ failed to connect: ‘No VPN secrets!’. written to the syslog and no message or any requests on screen.

    Would be grateful if anyone can suggest anything I’ve missed.

    Thanks.

     
  26. Pablo Garcia, 23. December 2009, 8:28

    Good suggestion, thanks for your comment.

     
  27. Steven Barbaglia, 22. December 2009, 17:15

    Very helpful article!

    I have one small improvement to suggest…

    The optional section on routing at the end helps me when working from home, so that private activity on the internet does not go through the office computers via the VPN tunnel (as by default once VPN is established).

    The setting can be wider so that all office computers are covered: in the example above the address 192.168.1.0 and netmask 255.255.255.0 could be used in conjunction with setting the checkbox “Use this connection only for resources on this network”

    This setting can be tested with tracepath or traceroute on some public website before and after establishing the VPN connection to test it out.

     

Write a comment:


You will receive an email when your comment is answered


− 7 = one

.