Connect Chromebook to UTM using SSL VPN

Hi, Steve, and welcome to the UTM Community!

You didn't give an example of a broken link or say which Remote Access method wasn't working.

Cheers - Bob

Hi Bob,

It's an SSL VPN. The broken link is in this thread:

https://community.sophos.com/products/unified-threat-management/f/vpn-site-to-site-and-remote-access/55561/ssl-vpn-on-a-chromebook

S.

That works for me, Steve: http://blog.dwolla.com/openvpn-on-chromeos-a-step-by-step-guide/

Cheers - Bob

That's very odd. Still doesn't work for me:

Today, I can't get to it, Steve.  I'd just try a google.

Cheers - Bob

Hi,

the website seems to be offline.

I ran into the same problem - using the sophos ssl vpn with our chromebooks - here is my solution:

1. set up your ssl vpn 
2. log into your UTM with the admin account
   1. goto Remote Access
   2. goto Certificate Management
   3. download user certificate as PKCS#12
3. log into your UTM user portal with the user account, who needs the ssl connection
   
   1. go to remote access
   2. download the OpenVPN configuration file (.ovpn)
4. get my onc template
5. edit the template according to your IT configuration
   1. "GUID": "{get one at www.uuidgenerator.net}",
   2. "Name": "name of connection in ChromeOS",
   3. "Host": "IP.address.or.domain.name.of.my.utm",
   4. "Port": 443,
   5. copy & paste the ca-certificate and the user certificate from the .ovpn file into the .onc file (-----BEGIN CERTIFICATE----- .... -----END CERTIFICATE-----)
   6. remove the wordwraps between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
   7. save
6. log on to your chromebook with the user account, who needs the ssl connection
   1. open chrome://settings
   2. search for certificate
   3. open the certificate manager
   4. import the user certificate hardware backed
   5. open chrome://net-internals#chromeos
   6. import the edited .onc file by using "Import ONC file" - there will be no confirmation!
7. open the VPN connection in settings and start it
8. enter the username and password

Steps 5.a through 5.g should be scriptable using powershell.

Cheers,

Chris

Hi,

the website seems to be offline.

I ran into the same problem - using the sophos ssl vpn with our chromebooks - here is my solution:

1. set up your ssl vpn 
2. log into your UTM with the admin account
   1. goto Remote Access
   2. goto Certificate Management
   3. download user certificate as PKCS#12
3. log into your UTM user portal with the user account, who needs the ssl connection
   
   1. go to remote access
   2. download the OpenVPN configuration file (.ovpn)
4. get my onc template
5. edit the template according to your IT configuration
   1. "GUID": "{get one at www.uuidgenerator.net}",
   2. "Name": "name of connection in ChromeOS",
   3. "Host": "IP.address.or.domain.name.of.my.utm",
   4. "Port": 443,
   5. copy & paste the ca-certificate and the user certificate from the .ovpn file into the .onc file (-----BEGIN CERTIFICATE----- .... -----END CERTIFICATE-----)
   6. remove the wordwraps between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
   7. save
6. log on to your chromebook with the user account, who needs the ssl connection
   1. open chrome://settings
   2. search for certificate
   3. open the certificate manager
   4. import the user certificate hardware backed
   5. open chrome://net-internals#chromeos
   6. import the edited .onc file by using "Import ONC file" - there will be no confirmation!
7. open the VPN connection in settings and start it
8. enter the username and password

Steps 5.a through 5.g should be scriptable using powershell.

Cheers,

Chris