Géant VPN service for NREN members


You need an application for Google Authenticator. It can be either:

  • a browser extension (it can be this one for Chrome)
  • this Linux script (creates a connection without prompting for OTP and creates launcher icons for Gnome)
  • a mobile app

  • Initial Setup

    You have received a privnote like this:

    You can use the secret key to configure Google Authenticator

    The VPN credentials consist of your username and the password is your password + 6 digits OTP code

    Changing your password

    Once you've established a VPN connection you can access the SSH Jail on the VPN server:

  • from this Web Terminal
  • through the command line (ipv6 only):
    ssh -6 maxadamo.vpn@jump01.geant.org
  • You need to supply your username and your password followed by the OTP code.

    Once you access the chroot jail you can can use the passwd command to reset your password.

    The password expires in 365 days and you'll be notified beforehand.


    Uncomment the following lines:

    up /etc/openvpn/update-resolv-conf
    down /etc/openvpn/update-resolv-conf

    You can connect the VPN as following:

    sudo openvpn --config /path/to/config.ovpn

    Download the OpenVPN client

    You can upload the following OpenVPN client configuration file into it.

    During the installation uncheck the service installation (this is needed if you want to run an OpenVPN server).


    Download Tunnelblick

    I haven't tested Tunnelblick, but I can see from its documentation that it's possible to upload the following OpenVPN client configuration file into it.

    Please refer to Tunnelblick documentation.

    Linux & Windows

    To create a connection:

  • on Linux you need to use sudo. If you belong to the 'sudo' group, you can setup a file "/etc/sudoers.d/openvpn" as following:
    %sudo  all=nopasswd: /usr/sbin/openvpn*
  • on Windows you need to run the application as Administrator