Accessing GNOME's VPN
Contact information
Owner: GNOME Sysadmin Team
Contact: #sysadmin
Persons: AndreaVeri
Purpose: Connecting to GNOME's VPN for accessing the internal 172.31.1.0/24 network
Host: bastion.gnome.org
Description
This SOP explains how to connect to the GNOME's VPN for accessing the internal 172.31.1.0/24 network, together with specific machines that are currently not being reachable through a public IP.
Action
Steps for connecting to the GNOME's VPN:
Generate your client's certificate by executing /etc/openvpn/easy-rsa/easyrsa build-client-full sysadmin-userid.
Install the openvpn package (apt-get install openvpn or yum install openvpn). If you want to use NetworkManager instead, make sure you install the NetworkManager-openvpn (on Fedora, while Ubuntu has network-manager-openvpn) package.
Fetch the certificates you just generated from /etc/openvpn/pki/{issued,private}/sysadmin-userid.{crt,key} and the CA certificate from /etc/openvpn/pki/ca.crt. Build up your OpenVPN client configuration and initiate the connection against vpn.gnome.org.
Finally connect to GNOME's machines by following the $hostname.vpn.gnome.org syntax. All the available nodes you can connect to are available here.