Gemeinsame Systemgruppe IfI/b-it

Translations of this page:

You are here: aktuelles » en » vpn » profiles


Receiving your VPN profiles and certificates

Before being able to connect to our VPN Service, you will need your retrieve your personal OpenVPN configuration profile, which will contain all necessary client settings and your personal identification in form of a user certificate. This profile can be downloaded at our User Management Interface.

Please scroll down until yopu see the section “VPN and Certificate Management”:

Now you can click on the “Generate Certificate” button to generate your first profile/certificate. Wait until the process has finished, then you will be presented with some more buttons than before:

The passphrase that was used to secure your private key is the same you used for logging into the User Management Interface.

You can use “Generate Certificate” again to generate new authentication data, i.e. if you lost your old certificate or do not remember your passphrase anymore. The old certificate will be revoked automatically after clicking this button, so no one will be able to log in with it afterwards, including you. Only the most recent profile will be valid at a time. You can download anything as many times as you like, as long as you do not use the “Generate Certificate” button, nothing will change.

If you are using windows or the terminal-based openvpn client, you will only need to download the openvpn profile itself, nothing else. If you are using other clients like the Linux Networkmanager, you may have to download the certificate data separately via the other buttons in the user management interface, some clients are not able to parse the certificate- and key-data which is already included in the profile.

You have the choice between UDP or TCP as transport protocol for the openvpn tunnel. Using UDP might result in lower latency for your tunneled connections, but you might suffer connection instabilities, depending of the network configuration in between your client and our servers. If unsure, choose the TCP profile. You can change protocols anytime you like by using the other profile.