In this article, we’ll look at how to create a VPN connection from the Linux terminal console and connect to a remote VPN server from the command line. We’ll cover how to create L2TP, PPTP, OpenVPN, and SSTP VPN connections on Linux.
Creating an L2TP VPN Connection in Linux
You can use NetworkManager to create L2TP VPN connections from the Linux console.
To install NetworkManager with L2TP support, run the command:
- In CentOS/RHEL/Fedora:
# yum -y install NetworkManager-l2tp
- To install NM with L2TP on Ubuntu/Debian, you must first add the repository:
$ sudo add-apt-repository ppa:nm-l2tp/network-manager-l2tp
$ sudo apt-get install network-manager-l2tp
To create a new L2TP VPN connection, use the command:
$ nmcli connection add connection.id [VPNConnectionName] con-name [VPNConnectionName] type vpn vpn-type l2tp ifname -- connection.autoconnect no ipv4.method auto vpn.data "gateway = [ipv4], ipsec-enabled = yes, ipsec-psk = 0s$(printf '%s' '[PSK]' | base64 -w0), mru = 1400, mtu = 1400, password-flags = 0, refuse-chap = yes, refuse-mschap = yes, refuse-pap = yes, require-mppe = yes, user = [user]" vpn.secrets password=[user-password]
- [VPNConnectionName]: VPN connection name;
- [ipv4]: IP address or FQDN of L2TP/IPSEC VPN server;
- [PSK]: Pre-Shared Key (PSK);
- [user]: VPN username;
- [user-password]: user password.
The settings for a new VPN connection are saved to the /etc/NetworkManager/system-connections/{name} file.
List all connections in NetworkManager:
$ nmcli con
Show information about the created VPN connection:
$ nmcli c show id [VPNConnectionName]
To connect to the L2TP VPN server from the command line:
$ nmcli c up [VPNConnectionName]
The connection may fail with the error:
Error: Connection activation failed: Could not find source connection.
In this case, check the following:
- journalctl logs;
- the default gateway is set for the physical interface (for example, ens33);
- the br0 interface may be enabled on the server, but is not used. Try to remove it.
To disconnect from a VPN server, run:
$ nmcli c down [VPNConnectionName]
Adding PPTP VPN Connection in Linux
To install a PPTP VPN client on Ubuntu/Debian:
$ sudo apt install pptp-linux
Go to the directory:
$ cd /etc/ppp/peers
Create a PPTP file:
$ sudo touch PPTP
Edit the file:
$ sudo nano /etc/ppp/peers/PPTP
Add the following content:
pty "pptp YOUR_VPN_SERVER --nolaunchpppd --debug"
name VPNUsername
password VPNPassword
remotename PPTP
require-mppe-128
require-mschap-v2
refuse-eap
refuse-pap
refuse-chap
refuse-mschap
noauth
debug
persist
maxfail 0
defaultroute
replacedefaultroute
usepeerdns
Save the file by pressing CTRL+X, Y -> Enter.
Change file permissions:
$ sudo chmod 600 /etc/ppp/peers/PPTP
To connect to a PPTP VPN server, run the command:
$ pon PPTP
Disconnect VPN client:
$ poff PPTP
How to Set Up SSTP VPN Connection with Command Line on Linux?
You can set up an SSTP connection to a VPN server on Linux. On Ubuntu, you can use the sstp package for nmcli.
Install the SSTP package:
$ sudo add-apt-repository ppa:eivnaes/network-manager-sstp
$ sudo apt update
$ sudo apt install network-manager-sstp sstp-client
The following command is used to connect to the SSTP VPN server:
$ sudo sstpc --cert-warn --save-server-route --user <your_user_name> --password <your_password> <hostname_or_ip_address_of_sstp_server:port_if_not_standard_port> usepeerdns require-mschap-v2 noauth noipdefault nobsdcomp nodeflate
You can save VPN server connection settings to a text file:
$ sudo nano /etc/ppp/peers/sstptest
remotename sstptest
linkname sstptest
ipparam sstptest
pty "sstpc --ipparam sstptest --nolaunchpppd sstpvpn.contoso.com"
name user1
plugin sstp-pppd-plugin.so
sstp-sock /var/run/sstpc/sstpc-sstp-test
usepeerdns
require-mppe
require-mschap-v2
refuse-eap
refuse-pap
refuse-chap
refuse-mschap
nobsdcomp
nodeflate
Add the username and password for authentication on the VPN server to /etc/ppp/chap-secrets file:
# Secrets for authentication using CHAP
# client server secret IP addresses
user1 * xxxxxx *
Now you can connect to the SSTP VPN server using the configured connection:
$ sudo pon sstptest
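The PPTP and sstptest peer files above rely on the same pppd options to allow only MS-CHAPv2 with MPPE, and the PPTP file also stores the password inline. The following check is an added example, not part of the original article; the function names audit_ppp_peer and has_option are hypothetical, and GNU stat is assumed:

```shell
# Added example (not from the original article): audit a pppd peer file.
# Prints one line per finding; the return status is the number of findings.

# has_option FILE OPTION: true if OPTION is the first word of a line.
has_option() {
    awk -v opt="$2" '$1 == opt { found = 1 } END { exit !found }' "$1"
}

audit_ppp_peer() {
    file=$1
    findings=0

    # Options the article's peer files use to allow only MS-CHAPv2.
    for opt in require-mschap-v2 refuse-pap refuse-chap refuse-mschap refuse-eap; do
        if ! has_option "$file" "$opt"; then
            echo "$file: missing option '$opt'"
            findings=$((findings + 1))
        fi
    done

    # Either require-mppe or the stricter require-mppe-128 must be present.
    if ! has_option "$file" require-mppe && ! has_option "$file" require-mppe-128; then
        echo "$file: MPPE encryption is not required"
        findings=$((findings + 1))
    fi

    # A password stored in the file calls for mode 600 (GNU stat syntax).
    if has_option "$file" password; then
        mode=$(stat -c '%a' "$file")
        if [ "$mode" != "600" ]; then
            echo "$file: stores a password but has mode $mode, expected 600"
            findings=$((findings + 1))
        fi
    fi

    return "$findings"
}

# Constructed sample: SSTP-style options without refuse-eap, plus an inline
# password in a world-readable file. Expect two findings.
sample=$(mktemp)
printf '%s\n' 'name user1' 'password xxxxxx' 'require-mppe' \
    'require-mschap-v2' 'refuse-pap' 'refuse-chap' 'refuse-mschap' > "$sample"
chmod 644 "$sample"
audit_ppp_peer "$sample" || echo "findings: $?"
rm -f "$sample"
```

Run it against the real files with sudo, for example audit_ppp_peer /etc/ppp/peers/PPTP, since the peers directory is normally readable only by root.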
To send all traffic through the VPN connection, you need to add a route:
$ sudo route add default <vpn_interface>
(usually, this is the ppp0 device)
Or only traffic to specific networks/hosts:
$ sudo route add -net 192.168.2.0/24 dev ppp0
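After adding either route, it is worth confirming which interface the kernel actually picks for a destination. The following check is an added example, not part of the original article; find_leaks, egress_dev and the ROUTE_GET variable are hypothetical names, and it relies on the output format of `ip -o route get`:

```shell
# Added example (not from the original article): report destinations that
# would bypass the VPN interface.
# ROUTE_GET is the lookup command; override it to test with canned output.
: "${ROUTE_GET:=ip -o route get}"

# Print the egress interface from one line of `ip -o route get` output.
egress_dev() {
    awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# find_leaks VPN_IF ADDR...: print each ADDR that is not routed via VPN_IF;
# return 1 if any such address was found, 0 otherwise.
find_leaks() {
    vpn_if=$1; shift
    leaks=0
    for addr in "$@"; do
        dev=$($ROUTE_GET "$addr" 2>/dev/null | egress_dev)
        if [ "$dev" != "$vpn_if" ]; then
            echo "$addr leaves via ${dev:-no route}, not $vpn_if"
            leaks=1
        fi
    done
    return "$leaks"
}

# Usage on a live system, with a host in the routed network from the article:
#   find_leaks ppp0 192.168.2.10
```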
Configure OpenVPN Connection Using Linux Terminal
Install the OpenVPN package on Linux:
- Debian, Ubuntu, Linux Mint, Kali Linux:
$ sudo apt-get update && sudo apt-get upgrade
$ sudo apt-get install openvpn
- RedHat, Fedora, CentOS, Oracle, Rocky Linux:
# yum install epel-release -y
# yum install openvpn -y
You will need the *.ovpn configuration file to connect to an OpenVPN server. In order to connect to VPN using the client.ovpn file:
$ sudo openvpn --config /etc/openvpn/client.ovpn --daemon
Enter a username and password (if Active Directory authentication is enabled for OpenVPN).
Check that the VPN connection is established:
$ ip a show tun0
To end the OpenVPN connection, press CTRL+C (if the client is running without the --daemon parameter) or run the command:
$ sudo killall openvpn
In order for an OpenVPN connection to be automatically established when Linux starts, you need to create a separate systemd unit:
$ sudo vi /lib/systemd/system/OpenVPNClientCorp.service
[Unit]
Description=Hide.me OpenVPN Client Corp
After=multi-user.target
[Service]
Type=idle
ExecStart=/usr/sbin/openvpn --config /etc/openvpn/client.ovpn
[Install]
WantedBy=multi-user.target
Change the file permissions:
$ sudo chmod 644 /lib/systemd/system/OpenVPNClientCorp.service
Add the new unit via systemctl:
$ sudo systemctl daemon-reload
$ sudo systemctl enable OpenVPNClientCorp.service
I can’t fix the error
Error: Connection activation failed: Could not find source connection.
can you help me?
NetworkManager-l2tp is not available for Centos 7, at least is not being shown on
yum list NetworkManager\*