VPN and Samba on Linux — easier than I expected

I have the server.ovpn file that OpenVPN GUI reads in and uses on Windows. I’d like to use a Linux client. I am running Debian.

First, we use NetworkManager (installed by default unless you did a minimal, customised installation). I install network-manager-openvpn, openvpn, resolvconf, network-manager-openvpn-gnome (though I am using the MATE desktop), samba and cifs-utils and remmina and its RDP plug-in, and for good measure openvpn-systemd-resolved — not 100% sure I need them all (and some are not relevant for this specific post), but …

$ sudo systemctl restart networkmanager

(This makes sure NetworkManager knows all these new toys have been installed.) I used openvpn from the command line to make sure I could make a connection:

$ sudo openvpn --config path/to/server.ovpn

and I could see machines on the VPN (for example, I could ping the server), so that was good. I knew it could work.

Then, went to NetworkManager in the MATE status bar and asked for a new VPN connection, OpenVPN compatible, using a saved configuration, and browsed to my ovpn file. Accepted all defaults and saved the connection, then chose it; was pleasantly surprised when it worked immediately.

Now, to mount the file shares. Ran caja (nautilus if you use gnome) and File > Connect to server > Chose Windows Share as the type, then put the server name (well, IP4 address, but a name would probably have worked as well or better) in the server box. Put the folder in the folder box (with leading /), domain (workgroup in Windows lingo) in its box, then username and password. Checked ‘make a shortcut’ and gave it a name; that also worked out of the box (files showed up in caja), so most of the functionality is there.

A few tips.

  • If you ever have to log into a Windows desktop or other account with something like “COMPANY\username” then COMPANY might work as a domain in the caja connection.
  • Don’t enter the folder and server like \\server\folder like you would in Windows — put server in one box and folder in the other.
  • Using an explicit IP4 address (123.234.345.345) might work but the server hostname is generally to be preferred; but I find that sometimes one works, sometimes the other, so you can try both. Server IP addresses are usually pretty stable — unlikely to be allocated by DHCP!
  • Most ovpn files contain the options needed in the top section. In my case, this meant that I did not do any config changes, just accepted what the saved config imported into NetworkManager. Maybe I was lucky …?
  • Where you would find the mounted folders in the Linux file system can be tricky. Some advice says ~/.gvfs, some ~/.cache/gvfs, some put the files in the /run tree. Given that we have not used superuser to do any of this, I’d expect the files to be in your personal file space, but YMMV. You might have to hunt around for the mount point.

Once you have the VPN working, you may be able to use RDP to work on a remote computer, as well as access files as I have done here.

Does not need sudo or root or superuser or whatever you want to call it.

Author: Darren

I'm a scientist by training, currently working as a writer, trainer and editor.

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.