Network namespaces is a Linux feature that can be used to control how the traffic is distributed on different network interfaces on the same computer. It can be used to access, in a terminal, the school VPN, and keep Internet working in the mean time on other terminals and windows … you can also mount on your local computer shared folders from the school network and continue listening to spotify …

To do this you just have do download, configure and run the start_openvpn_in_netns_with_auth.bash bash script.

Note : this script is adapted from a very nice and crystal clear script found here.

Before starting, ensure that IP forwarding is active on your local computer :

sudo su
echo  1 > /proc/sys/net/ipv4/ip_forward

or :

sudo sysctl -w net.ipv4.ip_forward=1

To make IP forwarding permanent (so that it still works after next reboot) you have to uncomment IP forwarding in /etc/sysctl.conf file:

# Uncomment the next line to enable packet forwarding for IPv4

Also verify that all required packages are installed :

sudo apt install openvpn resolvconf

Then you will have to get the name of your network interface :

ip link show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp33s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
    link/ether 30:9c:23:07:2f:43 brd ff:ff:ff:ff:ff:ff

Here, the network interface is called enp33s0; We now have to change some settings of the script :

# ------------ adjust values below ------------
# network namespace
# user for starting openvpn
# network interface (put your own, use "ifconfig" or "ip link show" to get it)
VPN_CREDENTIALS_PATH=/home/newubu/MyInstall/vpn # path to VPN config, keys, ...
VPN_INSTALL_PATH=/etc/openvpn # path to openvpn config (set for Ubuntu 18.04/16.04)
TEST_HOST_NAME=saltp7-l # test host name on the VPN
TEST_HOST_IP= # test host IP on the VPN
# ---------------------------------------------

The last thing to do is to download post-update-resolv-conf to setup properly the DNS. This file must be placed in VPN_CREDENTIALS_PATH or in VPN_INSTALL_PATH.

Now we start the connection

chmod +x start_openvpn_in_netns_with_auth.bash
sudo ./start_openvpn_in_netns_with_auth.bash

A new terminal will popup, where you will have to log in

Enter Auth Username: 
Enter Auth Password: ***********
Tue Apr 28 16:28:48 2020 WARNING: No server certificate verification method has been enabled.  See for more info.
Tue Apr 28 16:28:48 2020 Deprecated TLS cipher name 'DHE-RSA-AES256-SHA', please use IANA name 'TLS-DHE-RSA-WITH-AES-256-CBC-SHA'
Tue Apr 28 16:28:50 2020 do_ifconfig, tt->did_ifconfig_ipv6_setup=0

The Auth Username is the usual 6+2 id (ex. tournetr for Tryphon TOURNESOL). Let this terminal alive !!!

Finally, go back the previous terminal. If all is OK, this message will appear :

you are now on vpn is this terminal ... type CTRL-D or exit to leave

In this terminal you have access to the computers on the VPN by their host names :

ping -c 1  proxy
PING proxy.ensieta.ecole ( 56(84) bytes of data.
64 bytes from iwsva2.ensieta.ecole ( icmp_seq=1 ttl=64 time=46.7 ms
--- proxy.ensieta.ecole ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 46.793/46.793/46.793/0.000 ms

You can ssh to these computers, on can also mount a network drive on you local computer at home, this can be cool to access you web page or the public shared folder. To mount shared volumes, we need some additional packages :

sudo apt install keyutils cifs-utils

Here is an example on how to mount the public shared folder :

sudo mkdir /mnt/public
sudo mount -t cifs //svmnas2/public  /mnt/public -o user=youruserid,vers=3.0
ls /mnt/public/share
 ___ATTENTION_SUPPRESSION_AUTOMATIQUE_LE_DIMANCHE_8H00  'Photos poster  Jean Louis'     test_FM
'Driver DELL Latitude 5290'                              Renavisio            
 FIPA                                                    Sqldeveloper                   Thumbs.db
 MT                                                      temp-transfertDatarmorOSmOSE

To quit, just type Ctrl+D in the terminal, this will close the network namespace, the authentication window and unmount all shared volumes.

Enjoy …

Note : if you want to suppress the automatic start at boot (ask for username and password) in the file /etc/default/openvpn disable the auto-start by removing the comment in the line :