User Tools

Site Tools


project:warzone:nm

Using Network Manager for Warzone VPN

Download keys and certificates.

Start NetworkManager connection editor.

nm-connection-editor

On VPN tab click add 1).

You should get this Window:

Select OpenVPN and click Create. Fill the VPN tab as in the picture (using keys and certificates from the downloaded zip file):

Click Advanced and fill General tab as in the picture.

Leave default values on other tabs and click OK.

On IPv4 settings tab click on Routes and check “Use this connection only for resources on its network”

Confirm & close all windows. To connect to Warzone, just select Warzone in NetworkManager.

Fedora and SELinux

In Fedora (and possibly in other SELinux enabled distributions), the above method might be not enough (NetworkManager will fail to connect). You need to allow openvpn to connect to nonstandard port. You can either disable SELinux or set allow_ypbind boolean in SELinux or create custom SELinux module. I chose the third option.

Create a file warzone.te

module warzone 1.0;

require {
        type openvpn_t;
        type unreserved_port_t;
        class tcp_socket name_connect;
}

#============= openvpn_t ==============
#!!!! This avc can be allowed using the boolean 'allow_ypbind'

allow openvpn_t unreserved_port_t:tcp_socket name_connect;

Compile module

checkmodule -M -m -o warzone.mod warzone.te

Package it

semodule_package -o warzone.pp -m warzone.mod

Install it (as root)

semodule -i warzone.pp

Now NetworkManager should be able to connect to Warzone.

1)
If you are using Gnome 3, you can use System Settings → Network, click “plus” button to add new network and select VPN.
project/warzone/nm.txt · Last modified: 2011/12/18 18:00 by stevko