Laptop VPN for Public Networks and System Administration

Overview

NordLayer is our supported VPN (Virtual Private Network) platform for GitLab Team Members.

The use of NordLayer is optional, however it is recommended when working on guest networks or public Wi-Fi. In other words, you should connect to the VPN to secure your laptop’s traffic anytime that you’re not at home. That could be at a co-working location, an airport, a coffee shop or on a guest network at a customers office.

Some members may use a different VPN solution for these scenarios and we would recommend that they migrate to NordLayer when it’s convenient.

Background Context

When we first approached the idea of a simple VPN for those times that our employees work away from home (coffee shops, trains, planes, etc.), we found a lot of options out there. While many VPN options exist, some are much more than we need, and some far less.

When it comes to our decision on NordLayer, we had a number of things to look at:

  • Is it secure?
  • Is it easy to administer?
  • Does it support multiple operating systems?
  • Are admin actions logged?

We tested many options and while a number fit a few of these, NordLayer fit the most with security being our most important criteria.

System Owner and Support

  • DRI: @cshankgitlab
  • #security-corpsec Slack channel
NordLayer VPN Setup Guide

Access Request

Please open an Access Request and add /label ~"corpsec-metric::ar". For majority of team members, please request access to the Okta group app.nordlayer.publicwifi. If you are a system administrator that requires access to GitLab dedicated IP address, please review.

NordLayer Installation

After your access request is provisioned, you will receive an email from nordlayer@nordlayer.com with a link to download the application.

  • MacOS:

    1. Enter gitlab as the organization.
    2. Authenticate with Okta.
    3. When prompted, select to Allow an upcoming prompt.

  • Linux:

NordLayer VPN Troubleshooting Guide

Overview

FAQs

Linux VPN Protocol

In case you are experiencing any issues with your NordLayer connection, the first course of action would be to change the VPN protocol. You can do so by running the following command nordlayer settings set and selecting VPN protocol.

Windows 10 Sufficient Privileges

Verify that you have sufficient privileges to start system services

If you are getting an error ‘Verify that you have sufficient privileges to start system services’ on Windows 10 while installing the NordLayer application - please make sure that you are using an up-to date Windows 10 version.

Last modified February 18, 2025: Update NordLayer HB Pages (0e975052)
View page source - Edit this page - please contribute. Creative Commons License