Contents
- Requirements
- Install OpenVPN and OpenVPN Plugin
- Version Check
- OpenVPN Server Profile
- Import OpenVPN Config
- Set VPN Username
- Connecting / Disconnecting
- Deleting Connections
- Optional: Connection Details
- Optional: Automatically Connect
- Optional: Abbreviated Commands
- Server Profiles
Requirements
- Basic command-line knowledge.
- A Linux distribution with Network Manager.
Install OpenVPN and OpenVPN Plugin
Install the OpenVPN plugin for Network Manager. Exact commands will vary depending on your distribution.
Command for Debian/Ubuntu based distructions:
sudo apt-get install openvpn network-manager-openvpn network-manager-openvpn-gnome
Command for CentOS:
sudo yum -y install openvpn NetworkManager-openvpn NetworkManager-openvpn-gnome
Command for Fedora:
sudo dnf -y install openvpn NetworkManager-openvpn NetworkManager-openvpn-gnome
Version Check
Let's double-check that we have OpenVPN 2.4 or newer:
❯ openvpn --version
OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
OpenVPN Server Profile
Download an OpenVPN server profile from the list at the bottom of this page.
For our example, we're downloading AT Vienna.ovpn.
Import OpenVPN Config
❯ nmcli connection import type openvpn file AT\ Vienna.ovpn
Connection 'AT Vienna' (3efdddf1-a89a-4872-ae6e-dc2c120a1387) successfully added.
Set VPN Username
❯ nmcli connection modify "AT Vienna" vpn.user-name neil
(Use your Auth Token as both username and password.)
Connecting / Disconnecting
At this point you can use the graphical interface of Network Manager to connect/disconnect the VPN.
If you prefer to use the command-line:
Connect to the VPN:
❯ nmcli connection up "AT Vienna"
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/39)
Disconnect from the VPN:
❯ nmcli connection down "AT Vienna"
Connection 'AT Vienna' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/39)
Deleting Connections
We recommend you delete unused, old or redundant OpenVPN servers:
❯ nmcli connection show
NAME UUID TYPE DEVICE
Wired connection 1 dd530962-d349-353f-abaa-a81595677d23 ethernet enp4s0
AT Vienna 3efdddf1-a89a-4872-ae6e-dc2c120a1387 vpn --
❯ nmcli connection delete "AT Vienna"
Connection 'AT Vienna' (3efdddf1-a89a-4872-ae6e-dc2c120a1387) successfully deleted.
❯ nmcli connection show
NAME UUID TYPE DEVICE
Wired connection 1 dd530962-d349-353f-abaa-a81595677d23 ethernet enp4s0
Optional: Connection Details
There are a number of properties that you can change for each connection.
Let's see what we have:
❯ nmcli connection show "AT Vienna"
connection.id: AT Vienna
connection.uuid: b6b3f8b2-5e4f-4adf-b95c-311b29c87fc1
connection.stable-id: --
connection.type: vpn
connection.interface-name: --
connection.autoconnect: no
connection.autoconnect-priority: 0
connection.autoconnect-retries: -1 (default)
...etc.
Optional: Automatically Connect
You may have noticed the connection.autoconnect option there. It does exactly what you think it does: automatically connect to the VPN when the computer starts.
To enable this option:
❯ nmcli connection modify "AT Vienna" connection.autoconnect yes
And to disable it again:
❯ nmcli connection modify "AT Vienna" connection.autoconnect no
Note: we recommend you do not use this on laptops. It doesn't play well with login screens (captive portals) used in hotels, starbucks, etc.
Optional: Abbreviated Commands
We've been showing you the full nmcli commands for clarity. Most of them can be abbreviated for efficiency.
Some examples:
❯ nmcli c i type openvpn file AT\ Vienna.ovpn
Connection 'AT Vienna' (71639a6e-fe83-4003-986c-6aef946fd39b) successfully added.
❯ nmcli c d "AT Vienna"
Connection 'AT Vienna' successfully deactivated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/29)
❯ nmcli c de "AT Vienna"
Connection 'AT Vienna' (71639a6e-fe83-4003-986c-6aef946fd39b) successfully deleted.
Etc.