Automatically Connect to VPN when using a specific network in Ubuntu GNOME 16.04

Under Unity, Network Manger has a check box available for every connection that configures the automatic use of a VPN when the connection is active:

Picture of Connection setting in ubuntu 16.06 Unity

Is there a way to obtain an option like this in Ubuntu GNOME 16.04? (which uses GNOME 3.18). As the connection setting page lacks this option: enter image description here


Solution 1:

I found the answer to this. Oddly, you have to open Network Manager manually (as opposed to using the panel or Settings.

So in Terminal type nm-connection-editor. After doing so, the window that opens will have the options in the OPs first image.

This works for me in 16.04 and 17.04. Hopefully, they will integrate the various network managers in upcoming versions of GNOME.

Solution 2:

I solved the problem with a script in

/etc/NetworkManager/dispatcher.d

This folder contains scripts that are called in alphabetical order by the network manager every time there is a change in Network status. This has the advantage (different from another solution that I saw) that your VPN is not just activated at boot/startup, but also at resume after suspend/sleep.

For this to work you need a VPN connection that is already set up in your Network Manager, which I assume you have, otherwise you would not have asked the question.

  1. First Step: I followed the advice of this (German) page (https://wiki.ubuntuusers.de/NetworkManager/Dispatcher/). I opened and named a new script 02VPN1

    sudo YOURTEXTEDITOR /etc/NetworkManager/dispatcher.d/02VPN1
    

and wrote:

    #!/bin/bash
    VPN_CONNECTION_NAME="NAME_OF_YOUR_VPN_CONNECTION"
    if [ "$2" = "up" ]; then
       sleep "3s"
       nmcli con up id "${VPN_CONNECTION_NAME}"
    fi

The NAME_OF_YOUR_VPN_CONNECTION is the name of the connection file NAME_OF_YOUR_VPN_CONNECTION.conf that you used to set the connection up that you want to auto-connect to.

The condition if [ "$2" = "up" ] means that the VPN connection is only automatically connected to when you start the network connection (your Internet Connection); once the VPN service runs, you can disable it or choose another VPN.

If you only and every time want to run this VPN without the ability to disable it, you can write the script without this If-condition:

    #!/bin/bash
    VPN_CONNECTION_NAME="NAME_OF_YOUR_VPN_CONNECTION"
    sleep "3s"
    nmcli con up id "${VPN_CONNECTION_NAME}"

You can only set this file up as root, so it is owned by root without you doing anything in addition. That's how it should be.

Finally: Make this file executable, otherwise the script won't run. In Terminal:

    sudo chmod +x  /etc/NetworkManager/dispatcher.d/02VPN1
  1. Second Step (DIFFERENT from the instructions in the above link; I used the advice from here: https://ubuntuforums.org/showthread.php?t=2193559&p=12990193#post12990193

This process is run by root, and root does not yet have access to the password that you use for your VPN. Do the following: Open the file NAME_OF_YOUR_VPN_CONNECTION in /etc/NetworkManager/system-connections as root. Open a Terminal and do:

    sudo YOURTEXTEDITOR /etc/NetworkManager/system-connections/NAME_OF_YOUR_VPN_CONNECTION

a) Change the line

    password-flags=1 

to

    password-flags=0

b) At the bottom, add

    [vpn-secrets]
    password=PASSWORDOFYOURCONNECTION

Save and close the file.

  1. Now restart your Network Manager. Terminal:

    systemctl restart NetworkManager
    

to initialize the new settings. You should be done.

I did this yesterday, and as far as I can see it works fine. No guarantees!