# Configure your VPN
Use Lab access link instead
If you are configuring access to your lab use Lab access link sent to you in onboarding email with other credentials. You can also request Lab access link in Service desk
This step configure an encrypted connection between your local computer and HUNT Cloud. The specific steps are dependent on the operating system on your local computer.
# Requirements
Confirmed collection of secret keys in Step 1 of onboarding process.
Successful setup of Google authenticator app.
# 2.1 Install the VPN software
Windows
We use the open-source application OpenVPN to ensure encrypted communication between your local computer and us.
Click on the link above, scroll down to the file named OpenVPN-<version-number>-i601-amd64.msi (Windows 10 users), download the file and follow the on-screen installation instructions.
NTNU users: Windows users from NTNU can install OpenVPN community edition using NTNU Software Center even without administrative rights.
WARNING
You will need administrative rights on your local computer to successfully install OpenVPN.
Click on the link below if you do not hold administrative rights on your local computer, or don't know if you have such rights.
Installing OpenVPN without administrative rights
You can check if you have administrative rights on your local computer by running net localgroup "Administrators" in a command prompt (opens new window) and see if your username is listed.
Request assistance from your local IT personnel if you do not hold administrative rights on your local computer and request that they:
(1) assist you in the OpenVPN installation, or
(2) grant you administrative rights on your local computer so you can install OpenVPN yourself.
For simplicity, we have outlined the steps they need to perform, which you can attach to your request: https://docs.hdc.ntnu.no/do-science/guides/openvpn-admin-group/
OS X and macOS
We use Tunnelblick to ensure encrypted communication between your local computer and HUNT Cloud.
Download and install the latest 'stable release' from this page (opens new window)
Ubuntu Linux
We use OpenVPN to ensure encrypted communication between your local computer and HUNT Cloud.
Install the openvpn and network-manager-openvpn-gnome packages from the standard repositories.
sudo apt install openvpn network-manager-openvpn-gnome
Other Linux distributions
You have a few options on how to install OpenVPN clients in other distributions:
- Install the
openvpnpackage from the official distribution repository. - Add the OpenVPN community repository (opens new window) and install the
openvpnpackage. - Download the latest source tarball (opens new window) from OpenVPN and install.
After the installation, follow the "Ubuntu Linux" guides below on how to setup and connect.
# 2.2 Setup the VPN profile
Windows
- Start the OpenVPN client (if it is not running already)
- Expand pane on taskbar
- Select
Import file...
- Click on Import file and select OpenVPN profile file
<username>.ovpnthat you collected in Step 1.
OS X and macOS
2.2.1 If you 'do' get prompted with the Welcome to Tunnelblick message, follow these steps:
- Select
I have configuration files. - In the
Welcome to Tunnelblickprompt, selectI have configuration files. - When prompted for which type of configuration you have, select
OpenVPN Configurations. - Select the OpenVPN profile named.
<username>.ovpnin the collection of credentials given from HUNT Cloud. - Continue with the
Connecting to the VPN sectionbelow.
2.2.2 If you 'do not' get prompted with the Welcome to Tunnelblick message, follow these steps:
- Find the OpenVPN profile named
<username>.ovpnthat you collected in Step 1. - Right-click the file OpenVPN profile named
<username>.ovpn. - Select
Open With -> Tunnelblick. - When prompted for
Install Configuration For All Users, selectOnly Me. - Enter your macOS password to allow Tunnelblick to install the OpenVPN configuration.
- Continue with the
Connecting to the VPN sectionbelow.
Ubuntu Linux
- Click on the Network Manager icon in the task bar.
- Select Edit Connections....
- Click Add.
- Choose Import a saved VPN configuration and click Create.
- Select the OpenVPN profile named
<username>.ovpnthat you collected in Step 1. - Enter your user name (same as the OpenVPN profile file name).
- Click on the person icon in the Password field and select
Ask for this password every time. - Enter the Private Key Password with the
VPN passphrasesent to you from HUNT over Signal. - Click on the IPv4 Settings tab.
- Click Routes....
- Select the Use this connection only for resources on its network and click OK.
- Click Apply.
# 2.3 Connect to the VPN
Windows
Right-click on the OpenVPN notification icon on the taskbar.
Select Connect.
Enter your user name (same as the OpenVPN profile file name).
Enter a rotating
verification codefrom Google Authenticator as your password.
When prompted for a Private Key Password, insert the
VPN passphrasethat your collected in Step 1. Your authentication will fail when you complete your passphrase below. This is expected since your verification code timed out while you typed your passphrase.
Now try again to connect with a fresh
verfication codefrom Google Authenticator.
You should now be connected to the VPN.
OS X and macOS
Start Tunnelblick and
Connect.Enter your user name (same as the OpenVPN profile file name).
Enter the
verification codefrom Google Authenticator as your password.
WARNING
Make sure that the Save password checkbox is
unchecked.When prompted for a Private Key Password or Passphrase, insert the
VPN passphrasethat you collected in Step 1.TIP
Save this passphrase.
Your authentication will fail when you complete your passphrase above. This is expected since your verification code timed out while you typed your passphrase.
- Now try again to connect with a fresh
verfication codefrom Google Authenticator.
You should now be connected to the VPN.
Ubuntu Linux
- Click on the Network Manager icon in the task bar.
- Select VPN Connections > and the name of your profile.
- In the Authenticate VPN window, enter the
verification codefrom Google Authenticator in the Password field. - Click OK to connect.
# 2.4 Verify your VPN connection
WARNING
Please invest some time to verify a successful VPN connection as you will not be able to complete Step 3 before your VPN is working.
Windows
The OpenVPN notification icon on the taskbar should be green.
OS X and macOS
A small Tunnelblick window should state "Connected" in green letters with a timer that count the connection length.
Ubuntu Linux
If you received the notification VPN connection has been successfully established, then you are good to go.
Access list
We allow connection from known IP addresses only. This means that your VPN connection may be blocked if you connect from a (for us) unknown network outside Norway. Click here to request an opening for your location in our Do science service desk.
# Immediate troubleshooting
Below are a few immediate things to try if your VPN connection did not succeed:
# Authenticate VPN
If the Authenticate VPN prompt pops up again, then try to log in again with a new verification code.
# VPN connection failed
If you received the notification VPN Connection Failed after 60 seconds, please check the following
- Verify that you have an active internet connection.
- Verify that the Private Key Password is correct.
# Could not read Private Key error
The error messages below indicates that there is a typo in the Private Key Password (step 2.3.5) and you need to type it in again.
ERROR: could not read Private Key username/password/ok/string from management interface
Cannot load private key file
# Unable to apply changes
If you are unable to click Apply after your changes, try to re-enter your Private Key Password using your VPN passphrase that you collected in Step 1.
TIP
If nothing works, please head over to our main troubleshooting section for more information on how to troubleshoot connections.