VPN Galileo
VPN PPTP/L2TP:
- indirizzo server concentratore: vpn1.csgalileo.org
- username e password
yay -S networkmanager-l2tp networkmanager-strongswan
aggiungere vpn L2TP
pptp manual
- /etc/NetworkManager/system-connections/galileo.nmconnection
[connection] id=galileo uuid=97852b85-b57b-4b38-9687-d919f2820e57 type=vpn autoconnect=false permissions=user:scipio:; timestamp=1623922800 [vpn] gateway=94.230.76.2 mru=1400 mtu=1400 password-flags=0 user=xxx user-auth-type=password service-type=org.freedesktop.NetworkManager.l2tp [vpn-secrets] password=xxx [ipv4] dns-search= ignore-auto-dns=true method=auto [ipv6] addr-gen-mode=stable-privacy dns-search= method=disabled [proxy]
chmod 600 /etc/NetworkManager/system-connections/galileo.nmconnection
change:
- permissions=user:scipio:; (this is local linux user)
- user=xxx
- password=xxx
pptp GUI
Installare il package networkmanager-pptp
Aggiungere una VPN pptp
galileo openvpn
Server certificate
- ca.crt
-----BEGIN CERTIFICATE----- MIIDVDCCAjygAwIBAgIIK+uSMAP/qZcwDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UE AwwRQ0EtVlBOQ09OQy1NRVVDQ0kwHhcNMjEwNzE1MTAxOTQwWhcNMjIwNzE1MTAx OTQwWjAcMRowGAYDVQQDDBFDQS1WUE5DT05DLU1FVUNDSTCCASIwDQYJKoZIhvcN AQEBBQADggEPADCCAQoCggEBAMpvDbQaXdZ670pKiI/b5WuQa3iXxr7A9Z37Yk82 5ezrDlDpG2fzX1L7VHFwP9ICxWl5f4D54k9tf4BjSdkSprCNGZy7m6jjub/6KAQu Ogqys//Ngd8izPAWVT7DT34z5rH8uuSbM/ZpZa+W0AQEQQi3NkVL7il1dN6vBZYZ KDynF9xoWgrFNOjnzBB+/dJE/sz6Xz+HGhfMf8sQPg2BpOhjJNaQ+V3giRlGMQEA r6hUwrOIYe0/fcP148eFl8pReAMwcw+Ngv3IV53iZq/DrJAWKwWwdwR4gevskVvz UeFulcgrXN0W+lGM1JWwSwMlCR5E8Q8u/Y2l35rxl4UE7NECAwEAAaOBmTCBljAP BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUGP2aPxrh 8UwB4OCsmtunMwXwdjYwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovLzk0LjIzMC43 Ni4yL2NybC8xNC5jcmwwJAYJYIZIAYb4QgENBBcWFUdlbmVyYXRlZCBieSBSb3V0 ZXJPUzANBgkqhkiG9w0BAQsFAAOCAQEAJ/9cl1glKLuvHHDXmnz17+bH5ZAWOR7g KMjY1P2b9eK08mAAq4+Gp8/N/suiMBN6hA+WHtzbPYurXZgm1tAlI2kZE0XdLtig o2rJ3Z24E/MuxxPGhNQe+l1Qx4v9Cp5Q98NIZh9Hl5KEV4ZvInvXbVxlzOSz+KN3 R9fWzZrV9KWOWfLXvPF4n/nLyVL702VDgpPaMmrShIOTOfbh9OGcJ/IYDo5FN0C0 vO0dg/IddWkJ0LDQLB78MXP6gXrXRhhSCosnASJyoFbX7C+2ouXDMzjDUH/bZbPI ilkuUqzSXarAg4LqxShPRxfSnX2kUP6IXsDeonX/UwmzrztRd+QZ2w== -----END CERTIFICATE-----
GUI
ubuntu
sudo apt install network-manager-openvpn-gnome sudo service network-manager restart
arch: pacman -S networkmanager-openvpn
add VPN connection with network manager GUI:
- type: openvpn
- gateway: vpn1.csgalileo.org
- user: <user>
- pass: <pass>
- CA certificate: <ca.crt>
- in advanced settings check “Use TCP connection”
- in route add 10.0.0.0/8 and 185.91.188.0/25
Console
sudo apt install openvpn
- auth.cfg
<user> <pass>
- openvpn.conf
client dev tun proto tcp-client remote vpn1.csgalileo.org port 1194 nobind persist-key persist-tun tls-client remote-cert-tls server ca cert_export_CA-VPNCONC-MEUCCI.crt cert cert_export_client-VPNCONC-MEUCCI-adalcason.crt key cert_export_client-VPNCONC-MEUCCI-adalcason.key verb 1 mute 20 auth SHA1 auth-user-pass login.conf cipher AES-256-CBC ;cipher AES-256-GCM auth-retry interact ;route-gateway 172.22.22.1 route 10.0.0.0 255.0.0.0 route 172.16.0.0 255.240.0.0 route 94.230.77.0 255.255.255.0 route 94.230.78.0 255.255.255.0 route 94.230.79.0 255.255.255.0 route 109.104.240.0 255.255.252.0 route 185.91.188.0 255.255.252.0 #log-append log.txt askpass chiave.config providers legacy default data-ciphers-fallback BF-CBC compat-mode 2.3.18
- go
sudo openvpn --config openvpn.conf
Connect with
./go
Winzozz
- c:\Program Files\OpenVPN\config\auth_galileo.cfg
username password
- c:\Program Files\OpenVPN\config\galileo.ovpn
client dev tun proto tcp-client remote-cert-tls server remote vpn.csgalileo.org 1194 route 10.0.0.0 255.0.0.0 vpn_gateway 3 route 185.91.188.0 255.255.255.0 vpn_gateway 3 resolv-retry infinite nobind persist-key persist-tun verb 3 auth-user-pass auth_galileo.cfg script-security 3 <ca> -----BEGIN CERTIFICATE----- MIIE3zCCA8egAwIBAgIJAKI/infDrLAoMA0GCSqGSIb3DQEBCwUAMIGlMQswCQYD VQQGEwJJVDELMAkGA1UECBMCVlIxDzANBgNVBAcTBlZlcm9uYTEQMA4GA1UEChMH R2FsaWxlbzEQMA4GA1UECxMHR2FsaWxlbzETMBEGA1UEAxMKR2FsaWxlbyBDQTEQ MA4GA1UEKRMHRWFzeVJTQTEtMCsGCSqGSIb3DQEJARYec3RlZmFuby5zY2lwaW9u aUBjc2dhbGlsZW8ub3JnMB4XDTE3MDMyMjE1MDQ0NFoXDTI3MDMyMDE1MDQ0NFow gaUxCzAJBgNVBAYTAklUMQswCQYDVQQIEwJWUjEPMA0GA1UEBxMGVmVyb25hMRAw DgYDVQQKEwdHYWxpbGVvMRAwDgYDVQQLEwdHYWxpbGVvMRMwEQYDVQQDEwpHYWxp bGVvIENBMRAwDgYDVQQpEwdFYXN5UlNBMS0wKwYJKoZIhvcNAQkBFh5zdGVmYW5v LnNjaXBpb25pQGNzZ2FsaWxlby5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDgxKb1DORrR5kZhTz1oj4ronvQaU8oyBc71y5oxp70XwIEQkW+87WT lgfeT8fwqec6KIjQr6SJOhMmIDphYifN1gwseJ4rtLf33WZOsWgWNOeLjxcn354g M26pWJt3ETP3THUu4dK4Y6T7t7dFJiaIZ0jRg15EIKHsfMZDYRtcl5Sc0EBw4G32 TndnWsy+vJRocM0zkniuDnNnI1GJh3MOLK+/nskOAJO22+vmYJcE3fMsjho2zJgB qUteWn5pBZm91Q2KQa5W5OQYVNPA4wbopQHxhhEXGDDwm+iQsqjBQVK39TQDwBGS foMxbPZwr17pJGbhhHGVNm8DP+XnTltFAgMBAAGjggEOMIIBCjAdBgNVHQ4EFgQU 6kM1PEOCDJ+cqiazQu70mrXni+AwgdoGA1UdIwSB0jCBz4AU6kM1PEOCDJ+cqiaz Qu70mrXni+ChgaukgagwgaUxCzAJBgNVBAYTAklUMQswCQYDVQQIEwJWUjEPMA0G A1UEBxMGVmVyb25hMRAwDgYDVQQKEwdHYWxpbGVvMRAwDgYDVQQLEwdHYWxpbGVv MRMwEQYDVQQDEwpHYWxpbGVvIENBMRAwDgYDVQQpEwdFYXN5UlNBMS0wKwYJKoZI hvcNAQkBFh5zdGVmYW5vLnNjaXBpb25pQGNzZ2FsaWxlby5vcmeCCQCiP4p3w6yw KDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAYkF8O1NFJD0G5bJNn hy4R7qStYnbELKFosI1KJ4Oz+ibYZxAOCOyURpacJq9NPYAS/P8SA4lHDjhe3ZIq kNGq1ZxCHIsGWhagHFDHru2ct4nKtyEFSAzzy7UAnQITeTBZkEjDENWncdb41+VA fJRoM8O1kj3+Kn0Zpwn126pp8/at3oyC4RMXM2FEztege5J93ZfogW/MuNyL4Jlv iCGKzo/9UtjUGiHbuxUv7SimWYB4OAhrYR1t0sMLLJU7Bu012PEmxeyK6G1zJuBC 3/YQ9xlWkXlbp1E03OvBMCRp1AnJRsznZATBB4xnJ55ZPG6tEqCVS72j2fKMnCa2 vlW7 -----END CERTIFICATE----- </ca>
Lavagno
- lavagno.pem
-----BEGIN CERTIFICATE----- MIIGATCCA+mgAwIBAgIJALHdThMpwfEhMA0GCSqGSIb3DQEBCwUAMIGWMQswCQYD VQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDzANBgNVBAcMBlZlcm9uYTEXMBUGA1UE CgwOQ29tdW5lIExhdmFnbm8xHjAcBgNVBAMMFWxhdmFnbm8uY3NnYWxpbGVvLm9y ZzEtMCsGCSqGSIb3DQEJARYec3RlZmFuby5zY2lwaW9uaUBjc2dhbGlsZW8ub3Jn MB4XDTE3MDIwODEzMDEzN1oXDTI3MDIwNjEzMDEzN1owgZYxCzAJBgNVBAYTAklU MQ4wDAYDVQQIDAVJdGFseTEPMA0GA1UEBwwGVmVyb25hMRcwFQYDVQQKDA5Db211 bmUgTGF2YWdubzEeMBwGA1UEAwwVbGF2YWduby5jc2dhbGlsZW8ub3JnMS0wKwYJ KoZIhvcNAQkBFh5zdGVmYW5vLnNjaXBpb25pQGNzZ2FsaWxlby5vcmcwggIiMA0G CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCysUSjvroVYifgpS2Yc5q97GzlFUZw 9Fu04IZqrVXE8Mz8hsCsaGql0MmeMo7Y4TFL9gb6IvAv655mCRY3l3KzRzcyg94f g4VB2SqjU3DhDtzZBUrBWo1v9P5oidftxVQbyUrrRJ6QUhlj4Ue1BZWUNd8ViTO9 xtnxUb8bz9XPxsf+GUajpA4w2cRGMX3N537dSYujcwSEsRTYndJubPDKcVJ6/3db olH6Y3pB4o/K9/MttOGwRmeJIMsgxFxV/qhlEXQxNrwZOd9dpZvs83JOz+mHdd9j 36IBScGNQRHz+UcSOuek7YlgsP/bxiEOra1D22ZdE0620fMfXoupNEV1B/4CgmhS IOTpJcRjKfPHmfpOpbDcIgw3QEmXcrW9K/sXihk5c7vN2mbiUyWtO6/Ihc8xmlUt 8Ilgvh1KSQ02IN9iObv4KAxL5dVZXmtku6H9LG6UfX/QxCg4/LH2RzwZcO0Al35R 3zn7FyOUKnvWrUuG/0hIiCoS4AgpTTIc9DCI5bA/YksOn8vz1SIklZ/vkjJ4LuxF JkBgBCVl4b8ohOXR5Ecq1Q3Ai1AR/8n4b9ho50wqhioekRSQ6WjHLLn9XYQrEdCN PXxulxnK7eiQtYD6Zn5A8MSvmfqUQ80QQsbMgO5YUt0lMxSX6qbZnItF76KYWSbD 72PFSDV24Lrg3wIDAQABo1AwTjAdBgNVHQ4EFgQUDke3u6KNfH6n+1S0wmUmWsB8 h18wHwYDVR0jBBgwFoAUDke3u6KNfH6n+1S0wmUmWsB8h18wDAYDVR0TBAUwAwEB /zANBgkqhkiG9w0BAQsFAAOCAgEArtRfwcY2gER3s8uABZBWte0o5QMDVnbFxWdk TE1knyOmhUj4tLvOs+sEjP4DHQRnKPpL86tccn3Z4ydS5mKNbbq1mNaslzvl66Zr fdhExA3uahUexo8wJ8BXL3b7YdQ/AP6kIh2eZOslptj+BKzqQKgFKy9mqdv9jXM/ cseT6+zdt258u8dSSGDrBj/87f1HTUYt1wcjcN0g8l5v0x0YrcsjyBw/i6hkVZWy bkByUTzuQSEJNZZwv7SHIDlZlXml0Sw1EoucrmxZAB2EsRLQfivbl536a711mgr8 DNof7+ttWpFBFb+U+G1ipDNhiBiAkhLJMSL7vB5JHcu/YLUgZiVXzOmD1YI812PJ wECaqp7VfbdNb9kzkpTMTAZqtWg60h1wq+zS094VkNTvSO/Dy8dtukA3BMkI/bwY fLAfq78Miu6KglFmJF2VSifxW7zynNIVe0DtXGmUOR16FKJfdwNxTZpmMZnPviRz YNmyA6A0gwPolKfwEFsRth0oKdQyZqyOZeriKoHBOWXkDH26MqMBlNMAzPodORbK YrXpcmIEOYSwJnMtW+rqfniH5mCYvq/SU+csDZr7uWgSMcY3im40f30JJ+ndYyig aBZVSFSow2dELbQdqo1aA/JR1hUk05NExE6KAIc4JNrMzD4b4HxMPcc/yuYLKDb3 Hd9TG/E= -----END CERTIFICATE-----
add VPN connection with network manager GUI:
- type: openvpn
- gateway: lavagno.csgalileo.org
- user: galileo
- pass: <pass>
- CA certificate: <lavagno.pem>
- in advanced settings check “Use TCP connection”