These instructions will show you how to set up OpenVPN on a Chromebook.
In this article:
- Step 1. Review and request access
- Step 2: Set up your office computer for Remote Desktop Connection
- Step 3: Import the required certificates onto your Chromebook
- Step 4: Open a VPN connection
- Additional: Start a Remote Desktop Connection
- Additional: Terminating the VPN connection
Step 1. Request access (if you need to)
OpenVPN works on a per-user permission basis. As such, you normally have to request access to resources like your desktop PC or other protected resources not normally accessible from off campus.
However, there are some exceptions listed below which are automatically available to relevant staff that you don’t need to explicitly request and will just work for you. If in doubt about your OpenVPN permissions, please check your OpenVPN Account Details.
For off campus access to Agresso and iTrent
Staff who can access Agresso are automatically given access to: https://agrlive.essex.ac.uk/agresso/Login/Login.aspx
Staff who have access to iTrent (People Manager etc) are automatically given access to: https://ihr.essex.ac.uk/tlive_web/wrd/run/etadm001gf.open
For Remote Desktop Connection and access to other resources and services
If you require more than the default access to Agresso and/or iTrent, then you must email the IT Helpdesk at firstname.lastname@example.org with the following details:
- your Essex ID
- your office computer's S number (if you want to use Remote Desktop Connection)
- details of other resources or services you want to use that can't be accessed via Remote Desktop Connection
Please allow one working day for us to activate OpenVPN on your account - we'll send you a confirmation email once it's done. Once you have been given access continue to the next steps.
Step 2. Set up your office computer for Remote Desktop Connection
Perform the following steps on your office computer if you want to use Remote Desktop Connection.
- Click Start.
- Right-click Computer.
- Click Properties.
- Click Remote settings.
- Ensure that Allow connections from computers running any version of Remote Desktop is selected.
- Click Select Users... and ensure that your name is listed as a remote desktop user.
- If your name isn't listed, click Add and type in your login name using the format CAMPUS\mylogin. Click OK.
This is all you need to do on your office computer.
Step 3. Importing the required certificates onto your Chromebook
- Download the required configuration files to your Chromebook and unzip them:
Step 3.1 Import the CA certificate (ca.crt)
You must be signed in to your Google account before completing the next steps. Following these steps whilst using a Guest account will not work as the guest account has no way of binding the required certificates to the device.
- Open Chrome, and in the address bar enter chrome://settings/certificates
- Select the Authorities tab, and then select Import.
- Browse to where you extracted the certificate files and select the file named ca.crt, then select OPEN.
- Ensure Trust this certificate for identifying websites is checked, and then select OK.
- You should now see University of Essex listed in Authorities. Select Done.
Step 3.2 Import the client certificate (client2.p12)
- Now select the Your Certificates tab, and then select Import and Bind to Device...
- Browse to where you extracted the certificate files and select the file named client2.p12, then select OPEN.
If you're asked to enter a password do not enter anything, just leave the password field blank and press Ok.
- At this point you should see a certificate loaded in this window with the comment “(hardware-backed)”. Select Done.
- In Chrome, go to chrome://net-internals/#chromeos
- Select Choose File and browse to where you extracted the certificate files earlier.
- Select the file named University of Essex.onc and select OPEN.
Step 4. Open a VPN connection
- Click somewhere on the system tray (bottom-right) to bring up the menu below. Select VPN disconnected and then select University of Essex ChromeOS OpenVPN
- In the Join private network box, enter your Essex username and password into the Username and Password fields. Enter isslx029.essex.ac.uk for the Server hostname. Now select Connect.
- Provided you have entered the correct details, you should see the status of the connection change from VPN disconnected to VPN connected. You are now connected to OpenVPN.
Remote Desktop Connection
For remote desktop access, you will need a Remote Desktop app from the Chrome Web Store. Google's own Chrome Remote Desktop app native to most Chromebooks and/or available in the Web Store will not work for connecting to the University VPN service. We recommend using Chrome RDP (available here) which you can download from the Chrome Web Store store (there is a small one-off license fee for use of the software).
Terminating the VPN connection
When you have finished your remote work and want to terminate the VPN connection simply click on the University connection and click on the Disconnect button: