Tested on Debian 9.
First, edit /etc/default/openvpn
and uncomment the following setting to prevent any VPN from being launched automatically:
AUTOSTART="none"
Follow by:
$ sudo systemctl daemon-reload
$ sudo systemctl restart openvpn
Obtain the client config files as outlined here: https://nordvpn.com/tutorials/linux/openvpn.
Unzip the files and cd
to the folder containing ovpn_tcp
and ovpn_udp
.
Execute the following script (you can copy commands individually if you prefer):
# Rename files to follow a simpler pattern:
# foo.nordvpn.com.tcp.ovpn -> foo.conf
# foo.nordvpn.com.udp.ovpn -> foo-udp.conf
# Assumes NordVPN as your sole provider; feel free to modify the pattern.
rename "s/.nordvpn.com.tcp.ovpn/.conf/" ovpn_tcp/*.ovpn
rename "s/.nordvpn.com.udp.ovpn/-udp.conf/" ovpn_udp/*.ovpn
# Set the auth-user-pass file in every client file.
# Feel freel to replace `.auth` with whatever you want.
grep -rl auth-user-pass . | xargs sed -i 's/auth-user-pass/auth-user-pass .auth/g'
# Set the DNS resolver in every conf file.
for f in **/*.conf; do
echo -e "
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf" >> $f
done
# Copy configs over to their final destination.
sudo cp **/*.conf /etc/openvpn/
Create the credentials ("up") file, containing your provider username and password, each in a separate line:
$ sudo echo -e "user\npass" > /etc/openvpn/.auth
Try the service out:
$ sudo systemctl start openvpn@us1001-udp
or openvpn@<any-other-file>
, just omit the .conf
extension.
Check your IP and if DNS might be leaking:
If green, you're all set.
To automatically start a VPN located in /etc/openvpn
, enable openvpn@<name>
.
Happy tunneling!