Pritunl allows users to download a zip archive containing an onc configuration file and p12 cert file. The user can then import these files on their Chromebook and connect to a Pritunl server. Because of the limitations and bugs with OpenVPN on Chrome OS it is best to create a separate server for Chromebook users. Single sign-on should also be used which will allow users to authenticate with the Pritunl server using their Google account and then download their keys. The onc configuration file can only include one hostname so it is best to use only one host with the server. If multiple hosts are used all the hosts must be online which can be done by setting the Replication Count. Below is a list of known limitations with OpenVPN on Chrome OS. With an Enterprise license a Chromebook link will be displayed on the key download dialog and user key download page. Instruct users to use the Chromebook tutorial when connecting.
Refer to Debugging for information on debugging Chrome OS clients.
Refer to Chrome OS Client for documentation on configuration a Chrome OS client.
- ChromeOS v66 corrupts routing table when Chromebook is suspended requiring manually reconnecting
- Password must be entered even if user has no password. If no password is configured the user should be instructed to enter any password. It is recommend to use an authentication configuration that has a pin or OTP code to avoid user confusion.
- IPv6 routing currently does not work on ChromeOS. Clients will still be able to connect to the Pritunl server over IPv6 but no IPv6 traffic will route through the VPN.
- Allow multiple devices should be disabled
- Configuration sync not available
Updated about 4 years ago