Overview
Kerio Control VPN Client is a tool for secure connection into a private network running Kerio Control on its Internet gateway.
This article will guide you on how to install Kerio VPN Client for Debian and Ubuntu Linux.
Prerequisites
Before you start with the Kerio Control VPN Client installation, make sure that the 'debconf' and 'openssl' packages are installed on your system.
If the 'debconf' and 'openssl' packages are NOT installed on your system, execute the following command to install them:
# sudo apt-get install debconf openssl
Solution
Installation
To install Kerio Control VPN Client on 32-bit Debian / Ubuntu, execute the following command:
# sudo dpkg -i kerio-control-vpnclient-###-linux.deb
To install Kerio Control VPN Client on 64-bit Debian / Ubuntu, execute the following command:
# sudo dpkg -i kerio-control-vpnclient-###-linux-amd64.deb
Configuration
-
Kerio Control VPN Client for Linux supports only one VPN connection at a time.
-
During the package installation, a configuration wizard is automatically started. The wizard will ask for
-
the server name/address, (note: if default port number is changed, suffix it with a colon, eg. 'server1:4091')
In case the server uses a different port than the default 4090, you have to suffix the port number to the server name / IP address with a colon (eg. 'server1:4091') - your administrator can confirm this. -
username,
-
password,
-
automatic detection of the server's certificate fingerprint (for server identity verification).
-
-
Alternatively, the server's certificate fingerprint may be entered manually.
-
If you want to change the configuration later, rerun the wizard by executing the following command:
# sudo dpkg-reconfigure kerio-control-vpnclient
-
Alternatively, it is possible to edit the configuration file
/etc/kerio-kvc.conf
manually.# sudo nano /etc/kerio-kvc.conf
-
After any changes to this file, it is necessary to reload the configuration by executing the following command:
# sudo /etc/init.d/kerio-kvc reload
How to Verify the Server's Certificate Fingerprint?
To make sure that the detected server's certificate fingerprint matches the desired server, take the following steps:
-
Open the Administration Console for a particular Kerio Control server.
-
Go to the Configuration / Interfaces section.
-
Open the VPN Server properties.
-
Compare the content of the Fingerprint field with the automatically detected certificate fingerprint from the VPN client side.
Starting / Stopping
Kerio Control VPN Client will be automatically started after installation and restarted after reconfiguration.
You can start/stop it manually by executing the following command:
# sudo /etc/init.d/kerio-kvc {start|stop|restart}
Once the Kerio Control VPN client is started, the Status -> VPN clients section will show Connected status.
For more information, please refer to Monitoring VPN clients.
Uninstallation
To uninstall Kerio Control VPN Client, remove the installed package by executing the following command:
# sudo apt-get remove kerio-control-vpnclient
To uninstall Kerio Control VPN Client completely with configuration removal, execute the following command:
# sudo apt-get remove --purge kerio-control-vpnclient
Information on Log Files
Kerio Control VPN Client creates the following log files in the /var/log/kerio-kvc
directory:
init.log
- provides information on starting and stopping the daemon.
error.log
- includes information on critical errors.
debug.log
- contains more detailed status and error messages.
Open Source Software Notice
The 'libkvnet' library is free software distributed under the terms of the GNU Lesser General Public License (LGPL).
Source tarball of the 'kvnet' module for a particular version is available in the Opensource Software archive.
Related Articles
Installing and Configuring Kerio Control VPN Client on Windows
Configuring Kerio Control VPN Client in OS X