tips:vpn:galileo

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
tips:vpn:galileo [2017/02/08 14:30] – [galileo openvpn] scipiotips:vpn:galileo [2024/07/19 10:21] (current) – [Console] sscipioni
Line 1: Line 1:
 ====== VPN Galileo ====== ====== VPN Galileo ======
 +
 +VPN PPTP/L2TP:
 +  * indirizzo server concentratore: vpn1.csgalileo.org
 +  * username e password
 +
 +<code>
 +yay -S networkmanager-l2tp networkmanager-strongswan
 +</code>
 +
 +aggiungere vpn L2TP
 +
 +{{ :tips:vpn:vpn01.png?400 |}}
 +
 +{{ :tips:vpn:vpn02.png?400 |}}
 +
 +{{ :tips:vpn:vpn03.png?400 |}}
 +
 +====== pptp manual ======
 +
 +<file ini /etc/NetworkManager/system-connections/galileo.nmconnection>
 +[connection]
 +id=galileo
 +uuid=97852b85-b57b-4b38-9687-d919f2820e57
 +type=vpn
 +autoconnect=false
 +permissions=user:scipio:;
 +timestamp=1623922800
 +
 +[vpn]
 +gateway=94.230.76.2
 +mru=1400
 +mtu=1400
 +password-flags=0
 +user=xxx
 +user-auth-type=password
 +service-type=org.freedesktop.NetworkManager.l2tp
 +
 +[vpn-secrets]
 +password=xxx
 +
 +[ipv4]
 +dns-search=
 +ignore-auto-dns=true
 +method=auto
 +
 +[ipv6]
 +addr-gen-mode=stable-privacy
 +dns-search=
 +method=disabled
 +
 +[proxy]
 +
 +</file>
 +
 +<code>
 +chmod 600 /etc/NetworkManager/system-connections/galileo.nmconnection
 +</code>
 +
 +change:
 +   * permissions=user:scipio:; (this is local linux user)
 +   * user=xxx
 +   * password=xxx
 +
 +
 +
 +====== pptp GUI ======
 +
 +Installare il package networkmanager-pptp
 +
 +Aggiungere una VPN pptp
 +
 +{{:tips:vpn:vpn_1.png?400|}}
 +
 +{{ :tips:vpn:ptpp-galileo.png |}}
  
 ===== galileo openvpn ===== ===== galileo openvpn =====
  
 Server certificate Server certificate
-<file txt galileo.pem>+<file txt ca.crt>
 -----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----
-MIIF9zCCA9+gAwIBAgIJAJH+goVQrErpMA0GCSqGSIb3DQEBCwUAMIGRMQswCQYD +MIIDVDCCAjygAwIBAgIIK+uSMAP/qZcwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UE 
-VQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDzANBgNVBAcMBlZlcm9uYTEWMBQGA1UE +AwwRQ0EtVlBOQ09OQy1NRVVDQ0kwHhcNMjEwNzE1MTAxOTQwWhcNMjIwNzE1MTAx 
-CgwNR2FsaWxlbyBTQ0FSTDEaMBgGA1UEAwwRdnBuLmNzZ2FsaWxlby5vcmcxLTAr +OTQwWjAcMRowGAYDVQQDDBFDQS1WUE5DT05DLU1FVUNDSTCCASIwDQYJKoZIhvcN 
-BgkqhkiG9w0BCQEWHnN0ZWZhbm8uc2NpcGlvbmlAY3NnYWxpbGVvLm9yZzAeFw0x +AQEBBQADggEPADCCAQoCggEBAMpvDbQaXdZ670pKiI/b5WuQa3iXxr7A9Z37Yk82 
-NzAxMjAxMzUyMDZaFw0yNzAxMTgxMzUyMDZaMIGRMQswCQYDVQQGEwJJVDEOMAwG +5ezrDlDpG2fzX1L7VHFwP9ICxWl5f4D54k9tf4BjSdkSprCNGZy7m6jjub/6KAQu 
-A1UECAwFSXRhbHkxDzANBgNVBAcMBlZlcm9uYTEWMBQGA1UECgwNR2FsaWxlbyBT +Ogqys//Ngd8izPAWVT7DT34z5rH8uuSbM/ZpZa+W0AQEQQi3NkVL7il1dN6vBZYZ 
-Q0FSTDEaMBgGA1UEAwwRdnBuLmNzZ2FsaWxlby5vcmcxLTArBgkqhkiG9w0BCQEW +KDynF9xoWgrFNOjnzBB+/dJE/sz6Xz+HGhfMf8sQPg2BpOhjJNaQ+V3giRlGMQEA 
-HnN0ZWZhbm8uc2NpcGlvbmlAY3NnYWxpbGVvLm9yZzCCAiIwDQYJKoZIhvcNAQEB +r6hUwrOIYe0/fcP148eFl8pReAMwcw+Ngv3IV53iZq/DrJAWKwWwdwR4gevskVvz 
-BQADggIPADCCAgoCggIBAMrWc8+qZN2YTODQTvhRD3XoSayCv74/9tttwuE4R/HG +UeFulcgrXN0W+lGM1JWwSwMlCR5E8Q8u/Y2l35rxl4UE7NECAwEAAaOBmTCBljAP 
-J5iTbTCGfxgTkLmTFBIG5VmaBHlc2znSD6hEx/rrr2/2RhGaNH4b1tNQjVrlzYZr +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUGP2aPxrh 
-Z7eyRCq2vireGxgsYkBsyb5fVNDq0yz+nipl+Bu+Rj4wBTrgglly0qt4Ey8RGnBv +8UwB4OCsmtunMwXwdjYwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovLzk0LjIzMC43 
-tZduqx2iiswRk2awM+hDCFrjgDhfAS+S/MHDk8hPHrOZeYz8azj/RDclgARDx8sS +Ni4yL2NybC8xNC5jcmwwJAYJYIZIAYb4QgENBBcWFUdlbmVyYXRlZCBieSBSb3V0 
-mzAwwS07oC7lxwrPC33i3tf8FWfXwbtR4VasAKZl5Rw+N3tGWu9pM9IXSZn+sR1O +ZXJPUzANBgkqhkiG9w0BAQsFAAOCAQEAJ/9cl1glKLuvHHDXmnz17+bH5ZAWOR7g 
-rXGdw9WPX5oLWcE4wheIsnVquEardd6/ATk8OSk9anxaXGuudWByUDUovQaj/HVi +KMjY1P2b9eK08mAAq4+Gp8/N/suiMBN6hA+WHtzbPYurXZgm1tAlI2kZE0XdLtig 
-ODPCi2COEGaqFWgnu1UzhclIw1jHQMsdE7bDmC5GEySeSjdehwjcriUW287MtwnH +o2rJ3Z24E/MuxxPGhNQe+l1Qx4v9Cp5Q98NIZh9Hl5KEV4ZvInvXbVxlzOSz+KN3 
-fQusGXHzjbTu0SkWiuC5AYBnyKUQlfvzRUCeSDG8HnwjpRDd7Nk/7TFZEB31vdxw +R9fWzZrV9KWOWfLXvPF4n/nLyVL702VDgpPaMmrShIOTOfbh9OGcJ/IYDo5FN0C0 
-FGWCdqjYWNNzgW11qsi1ZQc0awjVBMdvGAMeEGhaEVEVxPFZZDz4K80ApjHtOxN3 +vO0dg/IddWkJ0LDQLB78MXP6gXrXRhhSCosnASJyoFbX7C+2ouXDMzjDUH/bZbPI 
-9cZA2NnJHVMiKKXn/8UbrwRasix4eoSrrSKlMJ5X7pltE/XJWIo7X0UMRdSiRZu0 +ilkuUqzSXarAg4LqxShPRxfSnX2kUP6IXsDeonX/UwmzrztRd+QZ2w==
-U11vNfpSq8Ydzna6fuImUrZ0d18KOiKpwA8EGefmCq8E34MqEieltTPFuD7bt9hN +
-AgMBAAGjUDBOMB0GA1UdDgQWBBTOWWuYdlt/Tlt3h9gQ73UWqr/RqjAfBgNVHSME +
-GDAWgBTOWWuYdlt/Tlt3h9gQ73UWqr/RqjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3 +
-DQEBCwUAA4ICAQCqcmEqOD2HqJUJ7wVT1ixZ/tmxYu7m7BRnEFE0aB3gF1OyhumK +
-i1WZSa/mi/Y6Qro2qzewmeyMBBoyONuWWd614wwrsH5zOUZJRnh2RyYuM0FTk1Cg +
-Gj2RMcN5FN6hUrssNW7k9YKH8cfYOCrR1AtHLs/vBKFHeqALcz76udwdDIIfDdE4 +
-blEg6Aa33YojvDPMIsbWC5Rr0VIXcM2WDvCoiXLrkv20WXGieBcHFckzVPsR6WYc +
-J6koBUQzLzvAyOyI0VdJcX8RsNT6VuEywjf3xCwQ+7P0bGjulOQ4NkUR8BF9/N/+
-3t+Gt7V9yRt2ZLz63TM3PPiaCKZ4LUwoU6TEGx/8CAPjCG5k3o3FukYyYpA3vho8 +
-ddm6QnLjW4go4m2kwD0BM74QUEp1ov+6lsuveEVGS2WMAi0Zd/dgDF+iKDbs0nEF +
-VwMjOmyo+G87iZvpt5HoxF9ckFndAs2S3mqu2nAd5dPhDWZr8muAkICjY575PRCU +
-eejWA3clVwc7y+HlaZpyvczh2usylDh4SkMlLAL3uAKVGymP4ujjizC0SKAdhkXO +
-QClOyfP+VvnLWVvXMii6kie6/cEA0yxnsNhF/Er+qAFfVdH0vpKMOTasD8la7jRw +
-/wo70cRed59R9VNeSUKnXTyTDe8ArrjO/kwVxSSgMtZnyAgeDwS6TF8sGw==+
 -----END CERTIFICATE----- -----END CERTIFICATE-----
 </file> </file>
  
 +==== GUI ====
 +ubuntu 
 <code bash> <code bash>
 sudo apt install network-manager-openvpn-gnome sudo apt install network-manager-openvpn-gnome
 sudo service network-manager restart sudo service network-manager restart
 </code> </code>
 +
 +arch: pacman -S networkmanager-openvpn
  
 add VPN connection with network manager GUI: add VPN connection with network manager GUI:
   * type: openvpn   * type: openvpn
-  * gateway: **vpn.csgalileo.org**+  * gateway: **vpn1.csgalileo.org**
   * user: <user>   * user: <user>
   * pass: <pass>   * pass: <pass>
-  * CA certificate: <galileo.pem>+  * CA certificate: <ca.crt>
   * in advanced settings check **"Use TCP connection"**   * in advanced settings check **"Use TCP connection"**
 +  * in route add 10.0.0.0/8 and 185.91.188.0/25
 +
 +==== Console ====
 +
 +<code bash>
 +sudo apt install openvpn
 +</code>
 +
 +<file txt auth.cfg>
 +<user>
 +<pass>
 +</file>
 +
 +<file txt openvpn.conf>
 +client
 +dev tun
 +proto tcp-client
 +remote vpn1.csgalileo.org
 +port 1194
 +nobind
 +persist-key
 +persist-tun
 +tls-client
 +remote-cert-tls server
 +ca cert_export_CA-VPNCONC-MEUCCI.crt
 +cert cert_export_client-VPNCONC-MEUCCI-adalcason.crt
 +key cert_export_client-VPNCONC-MEUCCI-adalcason.key
 +verb 1
 +mute 20
 +auth SHA1
 +auth-user-pass login.conf
 +cipher AES-256-CBC
 +;cipher AES-256-GCM
 +auth-retry interact
 +;route-gateway 172.22.22.1
 +route 10.0.0.0 255.0.0.0
 +route 172.16.0.0 255.240.0.0
 +route 94.230.77.0 255.255.255.0
 +route 94.230.78.0 255.255.255.0
 +route 94.230.79.0 255.255.255.0
 +route 109.104.240.0 255.255.252.0
 +route 185.91.188.0 255.255.252.0
 +#log-append log.txt
 +askpass chiave.config
 +
 +providers legacy default
 +data-ciphers-fallback BF-CBC
 +compat-mode 2.3.18
 +
 +</file>
 +
 +<file txt go>
 +sudo openvpn --config openvpn.conf
 +</file>
 +
 +Connect with 
 +<code bash>
 +./go
 +</code>
 +
 +==== Winzozz ====
 +
 +<file txt c:\Program Files\OpenVPN\config\auth_galileo.cfg>
 +username
 +password
 +</file>
 +
 +<file txt c:\Program Files\OpenVPN\config\galileo.ovpn>
 +client
 +dev tun
 +proto tcp-client
 +remote-cert-tls server
 +
 +remote vpn.csgalileo.org 1194
 +route 10.0.0.0 255.0.0.0 vpn_gateway 3
 +route 185.91.188.0 255.255.255.0 vpn_gateway 3
 +
 +resolv-retry infinite
 +nobind
 +persist-key
 +persist-tun
 +verb 3
 +auth-user-pass auth_galileo.cfg
 +script-security 3
 +<ca>
 +-----BEGIN CERTIFICATE-----
 +MIIE3zCCA8egAwIBAgIJAKI/infDrLAoMA0GCSqGSIb3DQEBCwUAMIGlMQswCQYD
 +VQQGEwJJVDELMAkGA1UECBMCVlIxDzANBgNVBAcTBlZlcm9uYTEQMA4GA1UEChMH
 +R2FsaWxlbzEQMA4GA1UECxMHR2FsaWxlbzETMBEGA1UEAxMKR2FsaWxlbyBDQTEQ
 +MA4GA1UEKRMHRWFzeVJTQTEtMCsGCSqGSIb3DQEJARYec3RlZmFuby5zY2lwaW9u
 +aUBjc2dhbGlsZW8ub3JnMB4XDTE3MDMyMjE1MDQ0NFoXDTI3MDMyMDE1MDQ0NFow
 +gaUxCzAJBgNVBAYTAklUMQswCQYDVQQIEwJWUjEPMA0GA1UEBxMGVmVyb25hMRAw
 +DgYDVQQKEwdHYWxpbGVvMRAwDgYDVQQLEwdHYWxpbGVvMRMwEQYDVQQDEwpHYWxp
 +bGVvIENBMRAwDgYDVQQpEwdFYXN5UlNBMS0wKwYJKoZIhvcNAQkBFh5zdGVmYW5v
 +LnNjaXBpb25pQGNzZ2FsaWxlby5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
 +ggEKAoIBAQDgxKb1DORrR5kZhTz1oj4ronvQaU8oyBc71y5oxp70XwIEQkW+87WT
 +lgfeT8fwqec6KIjQr6SJOhMmIDphYifN1gwseJ4rtLf33WZOsWgWNOeLjxcn354g
 +M26pWJt3ETP3THUu4dK4Y6T7t7dFJiaIZ0jRg15EIKHsfMZDYRtcl5Sc0EBw4G32
 +TndnWsy+vJRocM0zkniuDnNnI1GJh3MOLK+/nskOAJO22+vmYJcE3fMsjho2zJgB
 +qUteWn5pBZm91Q2KQa5W5OQYVNPA4wbopQHxhhEXGDDwm+iQsqjBQVK39TQDwBGS
 +foMxbPZwr17pJGbhhHGVNm8DP+XnTltFAgMBAAGjggEOMIIBCjAdBgNVHQ4EFgQU
 +6kM1PEOCDJ+cqiazQu70mrXni+AwgdoGA1UdIwSB0jCBz4AU6kM1PEOCDJ+cqiaz
 +Qu70mrXni+ChgaukgagwgaUxCzAJBgNVBAYTAklUMQswCQYDVQQIEwJWUjEPMA0G
 +A1UEBxMGVmVyb25hMRAwDgYDVQQKEwdHYWxpbGVvMRAwDgYDVQQLEwdHYWxpbGVv
 +MRMwEQYDVQQDEwpHYWxpbGVvIENBMRAwDgYDVQQpEwdFYXN5UlNBMS0wKwYJKoZI
 +hvcNAQkBFh5zdGVmYW5vLnNjaXBpb25pQGNzZ2FsaWxlby5vcmeCCQCiP4p3w6yw
 +KDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAYkF8O1NFJD0G5bJNn
 +hy4R7qStYnbELKFosI1KJ4Oz+ibYZxAOCOyURpacJq9NPYAS/P8SA4lHDjhe3ZIq
 +kNGq1ZxCHIsGWhagHFDHru2ct4nKtyEFSAzzy7UAnQITeTBZkEjDENWncdb41+VA
 +fJRoM8O1kj3+Kn0Zpwn126pp8/at3oyC4RMXM2FEztege5J93ZfogW/MuNyL4Jlv
 +iCGKzo/9UtjUGiHbuxUv7SimWYB4OAhrYR1t0sMLLJU7Bu012PEmxeyK6G1zJuBC
 +3/YQ9xlWkXlbp1E03OvBMCRp1AnJRsznZATBB4xnJ55ZPG6tEqCVS72j2fKMnCa2
 +vlW7
 +-----END CERTIFICATE-----
 +</ca>
 +</file>
  
 ===== Lavagno ===== ===== Lavagno =====
  • tips/vpn/galileo.1486560654.txt.gz
  • Last modified: 2017/02/08 14:30
  • by scipio