Jump to content
Not connected, Your IP: 18.191.200.114
HugeHedon

Ubuntu/Linux: How to use NetworkManager for AirVPN

Recommended Posts

For Ubuntu laptop users, it is convenient to use the NetworkManager applet to connect/disconnect to the VPN-service.

The AirVPN admins may at some point create ready-made packages to download and install that will automatically fix everything (like for Windows users), but until then the following is how to set it all up:

1) Create an AirVPN account. Generate/download the needed key-, certificate- and configuration-files here: https://airvpn.org/index.php?option=com_air&view=access&Itemid=100

2) Save the downloaded zip-file somewhere, say in ~/.airvpn. Unzip it. Four files should be extracted. Try to make sure nobody but you can read the file user.key, because that one is secret.

3) Erase the zip-file. Or at least, make sure only you can read it (since it contains the secret user.key file inside)

4) Install the package named network-manager-openvpn-gnome, which is a plugin to NetworkManager handling OpenVPN connections. The install will automatically include all needed packages, like openvpn etc.

5) To check that openvpn plugin was properly installed in NetworkManager, click on the nm-applet (the NetworkManager icon) => VPN Connections => Configure VPN. In the little window that comes up, click the Add button. Is there an OpenVPN option in the menu? Good. But don't click on it. Just close the windows. This was just a check.

6) Click on the nm-applet (the NetworkManager icon) => VPN Connections => Configure VPN

7) In the little window that comes up, click the Import button.

8) In the file chooser that comes up, find the previously downloaded file air.ovpn (perhaps you stored it in the ~/.airvpn directory?)

9) A new little window comes up. That little sucker is pre-filled with the necessary airvpn-configuration stuff.

10) You should just be able to click the Apply-button -- but wait: We need to double-check something. The AirVPN service uses "LZO data compression" (at the time of this writing at least). We need to check that this option is properly entered in the configuration. Click the Advanced button (down below, to the right). In the little window that comes up, make sure that the check-box next to "Use LZO data compression" is checked. (There seems to be a bug in network-manager-openvpn or something, so that this sometimes does not work automatically). Ok, this should be it. Click OK, Apply, Close etc.

11) Before connecting, you'll have to restart the computer. (Alternatively, you can just start the relevant services on the command line, perhaps like this: sudo service openvpn start)

12) Click the NetworkManager applet. Under VPN-connections, you should now be able to select the VPN-connection named air. After a little while, the applet icon should be decorated with a little padlock. Does it work for you?

Share this post


Link to post

Thank you for this excellent guide! Coupons for premium service will be delivered to you asap as an appreciation for that.

Kind regards

AirVPN admins

Share this post


Link to post

Hi HugeHedon

The image attached, shows my configuration for this service, which I'm not able to get connected using this.

Posted Image

Share this post


Link to post

Ok, that looks very much like mine.

The only difference I see is that I selected the version involving UDP:443 instead of TCP:80 (when downloading the configuration files). You could try if that works better by unchecking the TCP checkbox and replacing 80 with 443 for custom gateway port.

Share this post


Link to post

I decided to choose TCP port 80 to relay my traffic on, as it is a common port for web usage, and will never be blocked by ISPs or the government.

But even after changing the port number to 443 of UDP, I was not able to get connected.

Thanks for your previous reply.

Share this post


Link to post

It's okay HugeHedon

I'm trying to get connected to this OpenVPN service from Iran, but the ISP or the government has blocked OpenVPN connections, and so the TLS handshake fails.

I noted this as I was trying to connect using my Windows 7, with my OpenVPN client.

Thanks anyway for your response

Regards, Alireza

Share this post


Link to post

goftari wrote:

It's okay HugeHedon

I'm trying to get connected to this OpenVPN service from Iran, but the ISP or the government has blocked OpenVPN connections, and so the TLS handshake fails.

I noted this as I was trying to connect using my Windows 7, with my OpenVPN client.

Thanks anyway for your response

Regards, Alireza

Hello! Try ports 53 UDP and 53 TCP.

The very fact that you can write in this forum and can access this site (which are entirely https) shows that TLS connections are not blocked by your ISP or gov't.

If it still does not work, it will be necessary to perform http tunneling.

Kind regards

AirVPN admins

Share this post


Link to post

<strong>admin wrote:</strong>

Hello! Try ports 53 UDP and 53 TCP.

The very fact that you can write in this forum and can access this site (which are entirely https) shows that TLS connections are not blocked by your ISP or gov't.

If it still does not work, it will be necessary to perform http tunneling.

Kind regards

AirVPN admins

Well, the problem is not the port number, I had tried all the available TCP and UDP ports, but still no sign of connection.

The problem is that OpenVPN traffic is being considered as unwanted traffic according to the packet message pattern that OpenVPN client uses, I suppose.

Share this post


Link to post

goftari wrote:

Well, the problem is not the port number, I had tried all the available TCP and UDP ports, but still no sign of connection.

The problem is that OpenVPN traffic is being considered as unwanted traffic according to the packet message pattern that OpenVPN client uses, I suppose.

Hello! Understood. Therefore, http tunneling becomes necessary. Maybe we'll consider it in the near future. Also, have a look here for AirVPN over TOR, which can circumvent that censorship (picking unlisted TOR nodes is necessary if TOR is blocked in your country):

https://airvpn.org/index.php?option=com_content&view=article&id=64&Itemid=122

Kind regards

AirVPN admins

Share this post


Link to post

<strong>admin wrote:</strong>

Hello! Understood. Therefore, http tunneling becomes necessary. Maybe we'll consider it in the near future. Also, have a look here for AirVPN over TOR, which can circumvent that censorship (picking unlisted TOR nodes is necessary if TOR is blocked in your country):

https://airvpn.org/index.php?option=com_content&view=article&id=64&Itemid=122

Kind regards

AirVPN admins

TOR is accessible in my country, but it's poor performance, has always kept me away from even thinking to use it.

Thanks anyway for your responses.

Share this post


Link to post

about the original guide, step 5

The OpenVPN option appeared instantly after installing and I importing settings worked, but to use the connection I still had to reboot. (re)Starting relevant services will probably also work, but rebooting sounded easier than finding out what to start. "openvpn" service is likely worth try, if someone prefers to avid rebooting. Ubuntu 10.10.

in hope that it will be helpful.

Share this post


Link to post

@sookala: Thanks, that's useful. I should add that to the original post (I'll do that when the forum formatting works better -- if I edit it now, it'll lose all bold face etc)

Edit: I've changed the instructions (in the forum post in this thread) per your suggestions. Thanks!

Share this post


Link to post

dabl8 wrote:

won't connect. no valid vpn secrets...

Hello!

It would seem something related to bad/missing certificates and/or keys. Make sure you have copied all the properly generated files inside "air.zip" to the OpenVPN config directory.

It's difficult to be more specific, please feel free to open a ticket (menu "Support"-->"Helpdesk"); please attach your complete OpenVPN connection log.

Kind regards

AirVPN admins

Share this post


Link to post

after reboot tcp works and udp started working after i removed "explicit-exit-notify 5" from the air.ovpn config file. thanks

Share this post


Link to post

Just a quick heads up - guide works perfect w/ Ubuntu 10.10. Actually I'm getting a full 6Mbit here - wow! Hopefully the 'bad guys' will stay away for a little longer ...

Have my own server with VPN though, but I need a French IP every other week to keep my Spotify running .o) That said, if u guys can use some invites for unlimited free listening - I have some left ...

Share this post


Link to post

hi i have problem connecting. Any ideas? Thanks.

this is the output:

desktop:~/airvpn$ sudo openvpn air.ovpn

Wed Apr 13 11:25:11 2011 OpenVPN 2.1.0 x86_64-pc-linux-gnu [sSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Jul 20 2010

Wed Apr 13 11:25:11 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables

Wed Apr 13 11:25:11 2011 WARNING: file 'user.key' is group or others accessible

Wed Apr 13 11:25:11 2011 /usr/bin/openssl-vulnkey -q -b 2048 -m <modulus omitted>

Wed Apr 13 11:25:11 2011 LZO compression initialized

Wed Apr 13 11:25:11 2011 Control Channel MTU parms [ L:1558 D:138 EF:38 EB:0 ET:0 EL:0 ]

Wed Apr 13 11:25:11 2011 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ]

Wed Apr 13 11:25:11 2011 Local Options hash (VER=V4): '22188c5b'

Wed Apr 13 11:25:11 2011 Expected Remote Options hash (VER=V4): 'a8f55717'

Wed Apr 13 11:25:11 2011 Socket Buffers: R=[124928->131072] S=[124928->131072]

Wed Apr 13 11:25:11 2011 UDPv4 link local: [undef]

Wed Apr 13 11:25:11 2011 UDPv4 link remote: [AF_INET]94.75.255.91:443

Wed Apr 13 11:25:12 2011 TLS: Initial packet from [AF_INET]94.75.255.91:443, sid=7e888f51 bf0d2e03

Wed Apr 13 11:25:14 2011 VERIFY OK: depth=1, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=airvpn.org_CA/emailAddress=info@airvpn.org

Wed Apr 13 11:25:14 2011 VERIFY OK: nsCertType=SERVER

Wed Apr 13 11:25:14 2011 VERIFY OK: depth=0, /C=IT/ST=IT/L=Perugia/O=airvpn.org/CN=server/emailAddress=info@airvpn.org

Wed Apr 13 11:25:19 2011 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Wed Apr 13 11:25:19 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Wed Apr 13 11:25:19 2011 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key

Wed Apr 13 11:25:19 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication

Wed Apr 13 11:25:19 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA

Wed Apr 13 11:25:19 2011 [server] Peer Connection Initiated with [AF_INET]94.75.255.91:443

Wed Apr 13 11:25:21 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

Wed Apr 13 11:25:22 2011 AUTH: Received AUTH_FAILED control message

Wed Apr 13 11:25:22 2011 SIGTERM received, sending exit notification to peer

Wed Apr 13 11:25:26 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)

Wed Apr 13 11:25:28 2011 TCP/UDP: Closing socket

Wed Apr 13 11:25:28 2011 SIGTERM[soft,exit-with-notification] received, process exiting

Share this post


Link to post

Hi,

I have been using networkmanager here for openvpn connections, with few problems. Be aware, though, of problems with consolekit that can interfere with networkmanager and the openvpn plugin. I had to revert to an older consolekit to make it work again.

Here is a description of the networkmanager vs consolekit 0.4.3-1 issue. When networkmanager was not working, it was easy to connect to Airvpn on the command line with a command like this:

sudo openvpn /etc/openvpn/airvpn/air.ovpn

(I keep my files in the /etc/openvpn/airvpn/ folder.)

For Mcwood:

I suspect it is a problem with your keys, or perhaps your account. Is your ovpn file containing the full path to your airvpn certificates and keys?

Living behind a great national firewall is a great annoyance, but one day we will all be free!!

Share this post


Link to post

mcwood wrote:

hi i have problem connecting. Any ideas? Thanks.

this is the output:

Wed Apr 13 11:25:19 2011 [server] Peer Connection Initiated with [AF_INET]94.75.255.91:443

 

Hello!

You're trying to connect to Altair server which currently does not accept connections from premium members (we are using it to evaluate an additional service for premium members). You should re-generate the configuration files to connect either to Polaris, Omicron or Sigma. Thank you, we apologize for the inconvenience.

Kind regards

AirVPN admins

Share this post


Link to post

goftari wrote:

It's okay HugeHedon

I'm trying to get connected to this OpenVPN service from Iran, but the ISP or the government has blocked OpenVPN connections, and so the TLS handshake fails.

I noted this as I was trying to connect using my Windows 7, with my OpenVPN client.

Thanks anyway for your response

Regards, Alireza

Hello!

Now we have connections from Iran. Unfortunately we can't say whether the block has been removed globally or the connections come from a different ISP.

Kind regards

AirVPN admins

Share this post


Link to post

hi

Here is a description of the networkmanager vs consolekit 0.4.3-1 issue. When networkmanager was not working, it was easy to connect to Airvpn on the command line with a command like this:

in terminal :

sudo gedit /etc/NetworkManager/nm-system-settings.conf

change :

[ifupdown]

managed=false

to

[ifupdown]

managed=true

Save and restart the system.

NetworkManager should now appear

OR (The second) :

Sample content of nm-system-settings.conf : (replace to your /etc/NetworkManager/nm-system-settings.conf )

(save in gedit )

# This file is installed into /etc/NetworkManager, and is loaded by

# NetworkManager by default. To override, specify: '--config file'

# during NM startup. This can be done by appending to DAEMON_OPTS in

# the file:

#

# /etc/default/NetworkManager

#

[main]

plugins=ifupdown,keyfile

[ifupdown]

managed=true

Save and restart the system.

NetworkManager should now appear

Share this post


Link to post

I believe that Air Vpn just does not work with Linux. I just about had all the issues mentioned above. I was connected for about 20 minutes. Connection dropped. After that I reconnected and the lock apppeared on the network manager. Problem there was that all I got from that stage on was timeouts from web sites.

In other words air vpn was not usable anymore. I deleted and re installed. Next message was that vpn secrets were missing. Re installed. Got on for a little while again. About 30 min. Disconnected. Tried to check the settings. Settings were missing. Even while I was on the speed was atrocious. 40kbs max. tried to write on this forum. No answer. Tried to get in contact with the people running this company. All I got was an automated reply. I want out of this and get a refund. Worst mistake I have ever made.

I will try one more time. If I do not get a refund I will count my losses, but I will make sure that as many people as possible will know about my experiences. Thank god for Facebook and Twitter.

The least I can expect is some personal costumer support.

Not with Air VPN it seems!

Share this post


Link to post

I believe that Air Vpn just does not work with Linux. I just about had all the issues mentioned above. I was connected for about 20 minutes. Connection dropped. After that I reconnected and the lock apppeared on the network manager. Problem there was that all I got from that stage on was timeouts from web sites.

Hello!

Support has already been given to you, but we received no feedback from our suggestions. Did you perform any of the steps we recommended?

We kindly invite you to re-read the instructions on how to use the system, to send us the connection logs and follow the recommendations we gave you.

We have very many happy Linux customers and we also use Linux to connect to our servers 24h/24. Everything works fine, so please don't stay with the assumption that it's a server side problem, consider the option that there might be some problem in your system.

In other words air vpn was not usable anymore. I deleted and re installed. Next message was that vpn secrets were missing. Re installed. Got on for a little while again. About 30 min. Disconnected. Tried to check the settings. Settings were missing. Even while I was on the speed was atrocious. 40kbs max. tried to write on this forum. No answer. Tried to get in contact with the people running this company. All I got was an automated reply. I want out of this and get a refund. Worst mistake I have ever made.

There are NO automated answers from our customer and support service.

I will try one more time. If I do not get a refund I will count my losses, but I will make sure that as many people as possible will know about my experiences. Thank god for Facebook and Twitter.

The least I can expect is some personal costumer support.

Not with Air VPN it seems!

Since we strongly support freedom of expression against any censorship, we can only say that this is your right. Personal customer support has been given to you, as well as to any other customer and NON customer in need of support. About your refund request, you already sent it twice via the "Contact us" form, you already had the proper reply and the full refund will be delivered according to our Terms of Service that you accepted.

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...