Method 1 from Ternimal window
First of all install openvpn on your linux machine
milan@TGS ~/Desktop/temp $ sudo apt-get install openvpn
[sudo] password for milan:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
azureus java-wrappers libcommons-cli-java libcommons-lang-java
liblog4j1.2-java libswt-cairo-gtk-3-jni libswt-gnome-gtk-3-jni
libswt-gtk-3-java libswt-gtk-3-jni libswt-webkit-gtk-3-jni
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
libpkcs11-helper1
Suggested packages:
easy-rsa
The following NEW packages will be installed:
libpkcs11-helper1 openvpn
0 upgraded, 2 newly installed, 0 to remove and 794 not upgraded.
Need to get 432 kB of archives.
After this operation, 1,165 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libpkcs11-helper1 amd64 1.11-1 [42.2 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main openvpn amd64 2.3.2-7ubuntu3.1 [390 kB]
Fetched 432 kB in 3s (133 kB/s)
Preconfiguring packages ...
Selecting previously unselected package libpkcs11-helper1:amd64.
(Reading database ... 192854 files and directories currently installed.)
Preparing to unpack .../libpkcs11-helper1_1.11-1_amd64.deb ...
Unpacking libpkcs11-helper1:amd64 (1.11-1) ...
Selecting previously unselected package openvpn.
Preparing to unpack .../openvpn_2.3.2-7ubuntu3.1_amd64.deb ...
Unpacking openvpn (2.3.2-7ubuntu3.1) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Processing triggers for ureadahead (0.100.0-16) ...
ureadahead will be reprofiled on next reboot
Setting up libpkcs11-helper1:amd64 (1.11-1) ...
Setting up openvpn (2.3.2-7ubuntu3.1) ...
* Restarting virtual private network daemon(s)... * No VPN is running.
Processing triggers for libc-bin (2.19-0ubuntu6.3) ...
Processing triggers for ureadahead (0.100.0-16) ...
[sudo] password for milan:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
azureus java-wrappers libcommons-cli-java libcommons-lang-java
liblog4j1.2-java libswt-cairo-gtk-3-jni libswt-gnome-gtk-3-jni
libswt-gtk-3-java libswt-gtk-3-jni libswt-webkit-gtk-3-jni
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
libpkcs11-helper1
Suggested packages:
easy-rsa
The following NEW packages will be installed:
libpkcs11-helper1 openvpn
0 upgraded, 2 newly installed, 0 to remove and 794 not upgraded.
Need to get 432 kB of archives.
After this operation, 1,165 kB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libpkcs11-helper1 amd64 1.11-1 [42.2 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main openvpn amd64 2.3.2-7ubuntu3.1 [390 kB]
Fetched 432 kB in 3s (133 kB/s)
Preconfiguring packages ...
Selecting previously unselected package libpkcs11-helper1:amd64.
(Reading database ... 192854 files and directories currently installed.)
Preparing to unpack .../libpkcs11-helper1_1.11-1_amd64.deb ...
Unpacking libpkcs11-helper1:amd64 (1.11-1) ...
Selecting previously unselected package openvpn.
Preparing to unpack .../openvpn_2.3.2-7ubuntu3.1_amd64.deb ...
Unpacking openvpn (2.3.2-7ubuntu3.1) ...
Processing triggers for man-db (2.6.7.1-1ubuntu1) ...
Processing triggers for ureadahead (0.100.0-16) ...
ureadahead will be reprofiled on next reboot
Setting up libpkcs11-helper1:amd64 (1.11-1) ...
Setting up openvpn (2.3.2-7ubuntu3.1) ...
* Restarting virtual private network daemon(s)... * No VPN is running.
Processing triggers for libc-bin (2.19-0ubuntu6.3) ...
Processing triggers for ureadahead (0.100.0-16) ...
Now download openvpn certificate from any service websites.I am just giving two links below.
Please cross verify before using.
1.Download one of the VPNBook OpenVPN certificate bundles
Create a folder in your home Extract the OpenVPN certificate bundle to it.
open ternimal from this folder and type
milan@TGS ~/Desktop/temp $ sudo openvpn --config vpnme_fr_tcp443.ovpn
Mon Jan 30 13:31:38 2017 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Enter Auth Username:fr-open
Enter Auth Password:
Mon Jan 30 13:31:55 2017 Socket Buffers: R=[87380->131072] S=[16384->131072]
Mon Jan 30 13:31:55 2017 Attempting to establish TCP connection with [AF_INET]195.154.69.175:443 [nonblock]
Mon Jan 30 13:31:56 2017 TCP connection established with [AF_INET]195.154.69.175:443
Mon Jan 30 13:31:56 2017 TCPv4_CLIENT link local: [undef]
Mon Jan 30 13:31:56 2017 TCPv4_CLIENT link remote: [AF_INET]195.154.69.175:443
Mon Jan 30 13:31:57 2017 TLS: Initial packet from [AF_INET]195.154.69.175:443, sid=cbf5d57a a5f7925a
Mon Jan 30 13:31:57 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Jan 30 13:32:01 2017 VERIFY OK: depth=1, C=FR, ST=FR, L=France, O=VpnME, CN=server, name=server, emailAddress=info@vpnme.me
Mon Jan 30 13:32:01 2017 VERIFY OK: nsCertType=SERVER
Mon Jan 30 13:32:01 2017 VERIFY OK: depth=0, C=FR, ST=FR, L=France, O=VpnME, CN=server, name=server, emailAddress=info@vpnme.me
Mon Jan 30 13:32:11 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jan 30 13:32:11 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan 30 13:32:11 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jan 30 13:32:11 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan 30 13:32:11 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Jan 30 13:32:11 2017 [server] Peer Connection Initiated with [AF_INET]195.154.69.175:443
Mon Jan 30 13:32:13 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jan 30 13:32:14 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.50 10.8.0.49'
Mon Jan 30 13:32:14 2017 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jan 30 13:32:14 2017 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jan 30 13:32:14 2017 OPTIONS IMPORT: route options modified
Mon Jan 30 13:32:14 2017 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 IFACE=wlan0 HWADDR=78:dd:08:e2:3e:b3
Mon Jan 30 13:32:14 2017 TUN/TAP device tun0 opened
Mon Jan 30 13:32:14 2017 TUN/TAP TX queue length set to 100
Mon Jan 30 13:32:14 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jan 30 13:32:14 2017 /sbin/ip link set dev tun0 up mtu 1500
Mon Jan 30 13:32:14 2017 /sbin/ip addr add dev tun0 local 10.8.0.50 peer 10.8.0.49
Mon Jan 30 13:32:14 2017 /sbin/ip route add 195.154.69.175/32 via 192.168.43.1
Mon Jan 30 13:32:14 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.49
Mon Jan 30 13:32:14 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.49
Mon Jan 30 13:32:14 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.49
Mon Jan 30 13:32:14 2017 Initialization Sequence Completed
Mon Jan 30 13:31:38 2017 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Dec 1 2014
Enter Auth Username:fr-open
Enter Auth Password:
Mon Jan 30 13:31:55 2017 Socket Buffers: R=[87380->131072] S=[16384->131072]
Mon Jan 30 13:31:55 2017 Attempting to establish TCP connection with [AF_INET]195.154.69.175:443 [nonblock]
Mon Jan 30 13:31:56 2017 TCP connection established with [AF_INET]195.154.69.175:443
Mon Jan 30 13:31:56 2017 TCPv4_CLIENT link local: [undef]
Mon Jan 30 13:31:56 2017 TCPv4_CLIENT link remote: [AF_INET]195.154.69.175:443
Mon Jan 30 13:31:57 2017 TLS: Initial packet from [AF_INET]195.154.69.175:443, sid=cbf5d57a a5f7925a
Mon Jan 30 13:31:57 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Mon Jan 30 13:32:01 2017 VERIFY OK: depth=1, C=FR, ST=FR, L=France, O=VpnME, CN=server, name=server, emailAddress=info@vpnme.me
Mon Jan 30 13:32:01 2017 VERIFY OK: nsCertType=SERVER
Mon Jan 30 13:32:01 2017 VERIFY OK: depth=0, C=FR, ST=FR, L=France, O=VpnME, CN=server, name=server, emailAddress=info@vpnme.me
Mon Jan 30 13:32:11 2017 Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jan 30 13:32:11 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan 30 13:32:11 2017 Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
Mon Jan 30 13:32:11 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Jan 30 13:32:11 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Jan 30 13:32:11 2017 [server] Peer Connection Initiated with [AF_INET]195.154.69.175:443
Mon Jan 30 13:32:13 2017 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Jan 30 13:32:14 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.50 10.8.0.49'
Mon Jan 30 13:32:14 2017 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jan 30 13:32:14 2017 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jan 30 13:32:14 2017 OPTIONS IMPORT: route options modified
Mon Jan 30 13:32:14 2017 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 IFACE=wlan0 HWADDR=78:dd:08:e2:3e:b3
Mon Jan 30 13:32:14 2017 TUN/TAP device tun0 opened
Mon Jan 30 13:32:14 2017 TUN/TAP TX queue length set to 100
Mon Jan 30 13:32:14 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jan 30 13:32:14 2017 /sbin/ip link set dev tun0 up mtu 1500
Mon Jan 30 13:32:14 2017 /sbin/ip addr add dev tun0 local 10.8.0.50 peer 10.8.0.49
Mon Jan 30 13:32:14 2017 /sbin/ip route add 195.154.69.175/32 via 192.168.43.1
Mon Jan 30 13:32:14 2017 /sbin/ip route add 0.0.0.0/1 via 10.8.0.49
Mon Jan 30 13:32:14 2017 /sbin/ip route add 128.0.0.0/1 via 10.8.0.49
Mon Jan 30 13:32:14 2017 /sbin/ip route add 10.8.0.1/32 via 10.8.0.49
Mon Jan 30 13:32:14 2017 Initialization Sequence Completed
Done you can check tunneling from Terminal by typing ifconfig. you can start browsing securely !!
Method 2 - GUI
1.Create a folder in your home and extract the OpenVPN certificate bundle to it.
2.Create 3 new empty text documents and call them respectively .
ca.crt,
certificate.crt,
key.key
3.Open one of the .ovpn files (All of the .ovpn files are the same, but with different configurations.) with gedit text editor then copy and paste the following respectively:
4.Copy everything between <ca></ca> tags and paste into ca.crt file
5.Copy everything between <cert></cert> tags and paste into certificate.crt file
6.Copy everything between <key> </key> tags and paste into key.key file.
7. Go to network manager -> Network Connections-> Add->import a saved VPN connection-> Create and choose one of the .ovpn files then import the " ca.crt, certificate.crt, key.key" related to it.
Connection name: choose any name you want
Gateway: leave it as it is
Type: Password with Certificates (TLS) <---- this is very important
Username: vpnbook
Password: ch3pERuG <--- Password may be different for you
User Certificate: choose the certificate.crt file from folder.
CA Certificate: choose the ca.crt file from folder.
Private Certificate: choose the key.key file from folder.
Private Key Password: leave it empty
8. Click the Advanced button. Check the boxes which say:(only if needed)
Use custom gateway port: 443
Use LZO data compression
Use a TCP connection
Under Security tab, set Cipher to AES-128-CBC
Note: Advanced settings depend on the .ovpn file you selected), find the ip, port, cipher and so forth at the top of .ovpn file
That,s it.Comment below if you have any doubts.
Post a Comment
Post a Comment