Accessing GNOME's VPN

Contact information

Owner: GNOME Sysadmin Team

Contact: #sysadmin

Persons: AndreaVeri

Purpose: Connecting to GNOME's VPN for accessing the internal 172.31.1.0/24 network

Host: bastion.gnome.org

Description

This SOP explains how to connect to the GNOME's VPN for accessing the internal 172.31.1.0/24 network, together with specific machines that are currently not being reachable through a public IP.

Action

Steps for connecting to the GNOME's VPN:

  1. Generate your client's certificate by executing /etc/openvpn/easy-rsa/easyrsa build-client-full sysadmin-userid.

  2. Install the openvpn package (apt-get install openvpn or yum install openvpn). If you want to use NetworkManager instead, make sure you install the NetworkManager-openvpn (on Fedora, while Ubuntu has network-manager-openvpn) package.

  3. Fetch the certificates you just generated from /etc/openvpn/pki/{issued,private}/sysadmin-userid.{crt,key} and the CA certificate from /etc/openvpn/pki/ca.crt. Build up your OpenVPN client configuration and initiate the connection against vpn.gnome.org.

  4. Finally connect to GNOME's machines by following the $hostname.vpn.gnome.org syntax. All the available nodes you can connect to are available here.

Infrastructure/Archive/SOP/VPNConnectionGNOME (last edited 2022-02-22 13:34:44 by AndreaVeri)