Almost various virtual private network providers out there will support a variety of platforms. Every premium VPN service you look at will support native macOS, Android, Windows, and iOS client apps to their users. But with Linux, it is not as simple as that. While various VPN services do not support Linux, that does not necessarily mean you cannot do it. In this blog, TechNinjaPro will show you how to set up an OpenVPN connection in Kali Linux via the Network Manager.
OpenVPN configuration files
In general, a VPN provider that supports Linux without supplying a native Linux client makes OpenVPN configuration files available on its site. This goes for VPN services that support routers as well. Although they offer native applications for a particular platform, some VPN services still provide access to their OpenVPN configuration files to allow users to connect using a third-party client.
So, if your VPN services support Linux, support routers, or allow users to connect with third-party clients, there is an ideal option to make its OpenVPN configuration files for download. The information in these configuration files can be used to create a virtual private network connection over Linux using the Network Manager.
Configuring an OpenVPN Connection using the Network Manager
There are two ways available to configure an OpenVPN connection in Kali Linux. In this blog, TechNinjaPro will walk you through configuring an OpenVPN connection to protect your internet traffic.
Configuring your OpenVPN connection automatically
- From the Desktop, click the Network Manager at the top right of the screen. If you are on a wired network connection, the icon will be square. If you are on wireless, it will be a wifi icon. Select VPN connection > Add a VPN connection. The network manager is displayed.
- From the drop-down menu, choose to import a saved VPN configuration.
- Tick create. The file browser is displayed.
- Navigate to the server location where you saved your VPN provider’s OpenVPN configuration files and choose the .ovpn file you need to connect. The editing VPN window is displayed.
- Enter username and password and click save. If your VPN provider needs a username, client identifier, or an account number and does not need a password, just type anything in the password field. Please do not leave it empty.
- By ticking the icon to the right of the password section, you can choose the password that is not needed. However, you will still be prompted for a password regardless of whether or not this choice is determined.
- Click Save. The editing VPN window is closed.
- You are then prompted to build a password for a new keyring. Kali Linux is a secure Linux distribution. As such, the first time you generate a password on the system, it prompts you to create an extra keyring password to store your password. You would not be prompted to enter this password to connect to the virtual private network.
- Type and verify your keyring password and then tick continue. Your OpenVPN connect is now configured.
- To enable your virtual private network connection, click the network manager at the top right of the Desktop and choose VPN connections.
- Upon successful connection, you will see a notification that you are now connected to a virtual private network.
- You can confirm that your IP address has been changed by using the IP address check tool.
This is the automatic way. But you can also set up your connection manually. Knowing how to set up your OpenVPN connection manually can help you if something goes wrong and you want to troubleshoot.
Configuring your OpenVPN connection manually
Whether creating your OpenVPN connection automatically or manually, you will need your VPN provider‘s OpenVPN configuration files. Once you have the .ovpn files, you will make individual files for your CA certificate and your TLS key. These files are all found in the .ovpn configuration files.
The TLS key: Many VPN services also need a TLS key to initiate a client connection. Whether or not your VPN provider needs a static key to set up an OpenVPN connection, you may or not going to want that as well.
The CA certificate: Each VPN service has a certificate authority that validates connections to its VPN servers. You will need your VPN’s CA certificate to configure a virtual private network client in Kali Linux.
- Click the network manager at the right of the desktop screen.
- From the drop-down menu, choose OpenVPN.
- Click create, and the editing VPN window is displayed.
- Provide the connection a name and enter the VPN server IP address and hostname in the Gateway field, followed by the port number and a colon, For example, .vpnserver.com:2049.
- Under validation, set the type field to password. Enter your password and username and click save. If your VPN provider only needs a username, a client identifier, or an account number, and does not need a password, just type anything in the password field. Please do not leave it blank.
- Now, click on the icon to the right of the password field. You can choose the password that is not needed, but it still prompts you for a password regardless of whether or not this choice is selected.
- Click the CA certificate field. The field browser appears. Navigate to the CA.crt file you formed and choose it.
- Click the Advanced button to see more choices.
- If your VPN service uses data compression, click data compression and choose the type of compression from the drop-down menu.
- Click set virtual device type, leave it set to TUN, and set the name to TUN.
- Go to the Security tab.
- If your VPN service supports different encryption ciphers, you can manually choose your cipher here. If not, leave it to default.
- Go to the TLS authentication tab. Setting the TLS authentication choices is unnecessary if your VPN service does not use TLS authentication or offer a TLS key.
- Choose your VPN provider’s server certificate check process and enter the subject match. You can found this in the .ovpn configuration file.
- Click verify peer certificate usage signature and leave the setting to the server.
- Under added TLS authentication or encryption, choose either TLS-Auth or TLS-Crypt, based on the choices supported by your VPN service.
- Tick the key file field. The file browser appears. Navigate to the TLS key file you formed earlier and choose it.
- Tick the key direction field and choose 1 from the drop-down menu.
- Tick Ok. You are taken back to the editing VPN window.
- Tick Save, and the editing window is closed.
- If it is the first time you create a password on this system, you will be prompted to create a keyring password. Type and verify your keyring password and then tick continue. Your OpenVPN connection is now configured.
- To enable your virtual private network connection, click the network manager icon at the top right of the Desktop.
- Upon successful VPN connection, you will see a notification stating that you are now connected to the virtual private network.
- You can confirm that your IP address has been changed by using the IP address check tool.