Using a VPN on Linux

Configuring a VPN for Linux to use with the UVA Anywhere Profile

Warning: Connecting via a VPN on Linux is not supported by either Research Computing or ITS. The only supported platforms are Windows and Mac OSX. Please do not submit tickets about this if it does not work.

The following instructions were tested on Ubuntu and have worked for some users.

You’ll need to install openssl, openconnect, and network-manager-openconnect.

On Ubuntu run

sudo apt-get install openssl
sudo apt-get install openconnect network-manager-openconnect network-manager-openconnect-gnome

You may need to reboot after the installations.

On an rpm-based distribution such as Fedora, Centos, or SuSE, run the equivalent commands using yum or dnf.

You will then need to manually download your personal digital certificate from here. Use the Windows instructions.

Once you have your certificate, you’ll need to extract it into three separate files (mst3k should be replaced by your own computing id):

openssl pkcs12 -in mst3k.p12 -nodes -cacerts -out uva_cacert.pem
openssl pkcs12 -in mst3k.p12 -nodes -clcerts -out mst3k_cert.pem
openssl pkcs12 -in mst3k.p12 -nodes -nocerts -out mst3k_key.pem

You will be prompted for a password to execute the commands above.  This is you eservices password.  After you have these files you can connect to the UVa Anywhere network with the following command:

sudo openconnect -c mst3k_cert.pem -k mst3k_key.pem --cafile=uva_cacert.pem https://uva-anywhere-1.itc.virginia.edu -b

You may find it convenient to save this to a bash script, named for example vpn.sh.  To make it executable run

chmod u+x vpn.sh

You may also be able to configure this in the Network Manager by creating a new VPN connection using the above files and URL.