VPN on Ubuntu Touch:
Round 2
Odoo image and text block

# VPN Editor (app)

Authors: tutorial the Ubuntu App Cats
Contact: info@ubports.com
Category: #Utilities
Where to get it: OpenStore

As one of the main aims of Ubuntu Touch is to help you safeguard your privacy, we would like to share with you a user's experience of setting up ProtonVPN on his Ubuntu Touch device. This is just a practical example. The procedure for other service providers will be very similar.

This article should be easier to follow for all of you are interested in this topic, as this time we will be working entirely with the UI environment.

First of all, download [VPN editor] from the OpenStore. This adds more detailed control to the settings, to enable easy setup. Hopefully these improvements will be integrated into the Settings panel of Ubuntu Touch some time in the near future.

Before we start with the tutorial, let us talk a little about VPN; why it is interesting; what you get by using it and what you need to know!

According to Wikipedia, the VPN technology was developed to allow remote users and branch offices to securely access corporate applications and other resources.

VPNs cannot make online connections completely anonymous, but they can usually increase privacy and security. To prevent disclosure of private information, VPNs typically allow only authenticated remote access using tunneling protocols and encryption techniques.[wikipedia]


So how should this ideally work?:

Security

Secured VPN sends your internet traffic through an encrypted VPN tunnel, so your passwords and confidential data should remain safe, even if you are connected to public wifi in a cafe or hotel. Ordinarily, if you are sharing a network, you are vulnerable to 'sniffing' by other users on the same network.

Privacy

Secure VPN means that your browsing history is not logged by your ISP. They see the connection to the VPN provider but otherwise just encrypted traffic. A privacy centred VPN service enables you to access the Internet without surveillance, as they will not log your activity or share your data with third parties.

Freedom

Secure VPN breaks down the barriers of Internet censorship, whether institutional or country-wide, allowing you to access any website or content.


Checklist:

Clarify your needs; decide the level of privacy you are looking for and select your subscription plan accordingly.

  • bear in mind that you will still be leaving a data trail with online accounts such as email, Spotify etc.

  • look for services based in jurisdictions with the strongest country-based privacy laws

  • seek out services which keep no user logs, to avoid being tracked

  • you can check out [DNS leak page] and [IP leak page] to find out weaknesses in the services offered by particular providers

  • try to choose a reliable service with good throughput speeds

  • if all you want is to occasionally access a blocked site through a firewall, a free service may suit your needs. Generally, for a good quality VPN, expect to pay a modest fee for use


Setting up a ProtonVPN connection on a Ubuntu Touch device

Sign up at [ProtonVPN page] and select your subscription plan. Be aware that by default paid plans are payable annually!!! For monthly payments, you have to select that with the currency above the plans on the right side of the Dashboard!!!

We recommend you visit and read [Account and Billing] as ProtonVPN allows users to change an active subscription at any time. Changing an active subscription is managed by amending Account Credit to calculate the actual total cost.**

Once you are logged in, look for *your OpenVPN/IKEv2 user and OpenVPN/IKEv2 password* you will then manually insert that in the VPN edit app settings. You will find them inside your Account credentials, and they differ from the user login and password you used to access your ProtonVPN Account Dashboard.

Note: To cancel a previously selected plan subscription, click on the new one you have chosen.

Before you open the VPN Edit app and follow the steps described below you will have to download the server config **.opvn** file associated with your subscription plan and then specify the level of connection, OS platform and your protocol: we will choose Free plan, Linux OS platform and UDP protocol

There are three options for level connection: ***Secure Core configs, Country configs and Server configs***, we will choose the last one of these for this tutorial as we have selected the ***Free ProtonVPN subscription plan***

Now we have to find the countries available with free servers connections. Right now those are the Netherlands, Japan and USA. The settings will be the same in each case, except for the IP server and the gateway port. So, let us choose the Netherlands free server option.

  1. Open your **.ovpn** file with **gedit** and make a note of the server IP and the gateway port

  2. Open VPN Edit app and insert as follows:

  • ID: insert any name for your VPN connection

  • Remote: insert the server IP you found in your .ovpn file: nl-free-02.protonvpn.com

  • Type: choose **Password**

  • Username: insert your OpenVPN/IKEv2 user name

  • Password: insert your OpenVPN/IKEv2 password

  • CA certificate: upload the **ProtonVPN_ca.crt** certificate file you have received by e-mail from the Proton Support Center and which you saved in a convenient Ubuntu Touch device phablet folder

- - switch to tab with Advanced settings

  • select option: Use custom gateway port

  • insert the gateway port you found in your .ovpn file: 1194

  • select option: Use LZO data compression

- - go back and switch to tab with Security settings*

  • choose Cipher: AES-256-CBC

  • choose HMAC authentication: SHA-512

- - go back and switch to tab TLS settings*

  • select: 'use additional TLS authentication'

  • upload the **ProtonVPN_tls-auth.key** file you received by e-mail from the Proton Support Center and saved together with the previous file in a folder on your Ubuntu Touch device

  • select Key direction: 1


That is all there is to it! Shown are some images to help you understand the steps more clearly during setting ups. Now just switch ON your internet connection and then the VPN connection and you will find that you are connected by VPN. You can do this directly from the top bar menu of your Ubuntu Touch.

It is a good idea to create more than one VPN connection, so that you have an alternative if a server is not available temporarily or if you want to access a country-specific service.

Note: In case of ProtonVPN you have to ask for the CA certificate and TLS_auth.key as VPN edit app cannot yet upload this content directly from the .ovpn file automatically. The same stands for HMAC and LZO compression, you need to insert the HMAC even is in accordance to support center already used on Data Channel encryption. And without the LZO the webpages would not be uploaded. 

This explanation of how to set up VPN on Ubuntu Touch uses Proton as an example, though this article is not intended as an endorsement of any particular VPN service. The editorial policy of UBports is independent of our sponsors but we acknowledge the kind ongoing support provided to us by PrivateInternetAccessTM"

            Odoo - Sample 1 for three columns

            VPN edit main screen Configuration

             

            Odoo - Sample 2 for three columns

            Advanced Configuration

             

            Odoo - Sample 3 for three columns

            Security Configuration


            Odoo - Sample 1 for three columns

            TLS Configuration

             

            Odoo - Sample 2 for three columns

            Proxy Configuration

             

            Odoo - Sample 3 for three columns

            VPN connection established




            What do you think of this app?

            Please send your comments and suggestions through the box at the bottom of this blog.


            Explore the full spectrum of Ubuntu Touch Apps at OpenStore - The official Ubuntu Touch app store.

                              UBUNTU TOUCH AUDIOCAST 037 - CONVERGING WHATEVER
                              Converging Stuff