SETUP VPN (OPENVPN)

devineubuntu · March 5, 2025, 12:54pm

Hi. I need noob help with setting up an ovpn connection.

Ubuntu Version:
Ubuntu Mate 16.04

Desktop Environment (if applicable):
Not sure what desktop environment is installed.

Problem Description:
I am trying to install OpenVPN. I have tried several options as follows:-

Install Easy OpenVPN Server on Linux | Snap Store
When I get to step 3 there is no “Import .ovpn config” option in the network manager. If I cancel the VPN setup and select “Import a saved VPN configuration” the network manager does not recognise the *.ovpn file that I downloaded. Error states “The file ‘default.ovpn’ could not be read. The plugin does not support import capability.”
I have tried manually setting up a vpn by utilising the OpenVPN files.
– click on “edit connections”
– click on “add”
– select “openvpn” from the drop down menu
– click “create”
– I extract the “ca” and “cert” and “key” data from the ovpn file by copying and pasting everything between and , including the line -----BEGIN CERTIFICATE----- at the start and at the end. I repeated this for the “cert” and “key” data. I saved these files with the *.crt and *.key formats at the end of the file name.
– I dragged and dropped these created files into the correct slots in the next to “User Certificate” and “CA certificate” and “Private Key”
– some of the ovpn files have passwords and others don’t. If there is a password I put it in “Private Key Password”
– I’m a bit unsure about how to enter Gateway data. Is it purely the IP address? or is there a colon at the end with the port number?
– Then I click on “Advanced”, which I probably do not fully understand. Do I re-enter the port number? Some sites say to use the “LZO compression” and other sites say don’t. Some sites say that the “TCP connection” is flexible - do I tick it or not?
– Under the “security” tab some sites say to set the cipher specifically to a value and other sites say to leave it on default. I’m not sure what to do here.
– most sites don’t say anything about the “TLS authentication” and “proxies” tabs.
– I have tried this method with multiple different ovpn files.
→

Relevant System Information:
Intel i5
8gb Ram
Onboard video card

Screenshots or Error Messages:
No screenshots unfortunately because I’m using a different PC to access this forum. The Ubuntu PC has Firefox installed which apparently is outdated. However when I try update it, it just stays on the same Firefox version (v88).
→

What I’ve Tried:
Listed above.

guiverc · March 5, 2025, 9:48pm

Ubuntu 16.04 LTS is beyond its standard support.

Ubuntu MATE being a flavor also only had 3 years of support; though the Ubuntu base got updates for the full 5 years.

I’ll refer you to Ubuntu Fridge | Extended Security Maintenance for Ubuntu 16.04 (Xenial Xerus) begins April 30 2021

Ubuntu announced its 16.04 (Xenial Xerus) release almost 5 years ago, on April 21, 2016. As with the earlier LTS releases, Ubuntu committed to ongoing security and critical fixes for a period of 5 years. The standard support period is now nearing its end and Ubuntu 16.04 LTS will transition to Extended Security Maintenance (ESM) on Friday, April 30th, 2021

Support is now only provided by Canonical (ESM options) OR the wider Linux community.

I suggest using a supported release of Ubuntu instead, your ESM support options offered by Canonical, or keeping your machine offline due to EOL/EOSS status.

guiverc · March 6, 2025, 2:06am

I’ll add some details (if not obvious from my prior comment) specific to firefox.

The latest deb package I see on my Ubuntu plucky system from a CLI enquiry is

firefox | 88.0+build2-0ubuntu0.16.04.1    | xenial-security | source, amd64, arm64, armhf, i386, ppc64el

which is probably what you’re referring to as v88

When a release goes EOL (or in this case EOSS) packages are no longer updated (via standard repositories).

The package change I see can be see here

https://launchpad.net/ubuntu/+source/firefox/88.0+build2-0ubuntu0.16.04.1

which you’ll note includes the date Fri, 16 Apr 2021, ie. not long before EOSS (my prior comment/reply).

If you switch to using ESM (Expanded Security Maintenance), it was documented that ESM support was provided for a number of packages via snap package; so your details imply you’ve not enabled ESM and switched required packages to snap (if you had I’d expect 136.0-3 or 128.8.0esr-1). Please note the other components in the documentation; as many of your packages aren’t covered by ESM (the MATE desktop used by Ubuntu-MATE for example is found in the universe (community maintained) repository which isn’t covered by ESM you’ll note in my provided link ). If you’ve not assessed the security implications of that release; I’d suggest using a fully supported release of Ubuntu (or Ubuntu-MATE).

devineubuntu · March 6, 2025, 10:18am

Great, thanks so much for your response.

No time at the moment to change the PC OS at the moment. So I managed to find the https://ubuntu-mate.community/ website. Hopefully there will be some assistance there on how to install a VPN.

ogra · March 6, 2025, 10:32am

Even if there is, it is very likely that the package version you could use for this is outdated and full of security holes if you do not enable Ubuntu pro (or ESM as it was called back then), everything you would get from the standard 16.04 archive has not been touched in many years to fix known security issues … for something that is supposed to protect your network communication on the internet that isnt actually a good idea

system · April 4, 2025, 12:55pm

This topic was automatically closed after 30 days. New replies are no longer allowed.