In this blog post, I am going to install and configure OpenVPN client on Kali Linux for secure VPN Connection.
Using OpenVPN is very simple. In most of the distributions it is installed by default. If it is not, you can download and install it very easily.
Step 1 – Download / Install OpenVPN:
On Kali Linux, OpenVPN is already available in debian repositories, so we just need to install required packages by apt-get command as follows:
Step 2 – Download OpenVPN certificates:
The certificates required for OpenVPN setup are normally “Client-Key”, “Client-Certificate” and “CA-Certificate”. In my case, certificates required are:
4- TA.key ( Authentication Key, NOT necessary, only if it has been provided to you)
I need all these files as I configured Server based on all these settings like HMAC Authenticaiton and LZO Compression. So, let’s begin configuring.
Step 3a – Make a VPN directory to keep things ordered
(Trust me on this… you’ll be so glad)
# mkdir VPN-Files # cp <AllCerts> <VPN-Files-Directory>
# mkdir VPN-Files
# cp <AllCerts> <VPN-Files-Directory>
Step 3b – Configure VPN
– Goto Settings by Clicking Arrow on Top Right Corner and Click Settings icon (Screw Driver icon).
– On “All Settings” window, select “Network”
– On “Network” window, click on + (Plus) icon to add VPN network as shown below:
– On next window, select “VPN” and then “OpenVPN” on next to that window.
– On next opened window form “Add Network Connection”.
– Fill-up all the required settings as:
– Name: Provide any Name for this VPN connection here.
– Gateway: Provide IP or hostname of the VPN Server here, in my case, it is “myvpn.muhammadattique.com”
– Type: Select type of VPN connection you need to configure. In my case, I only have certificates (without any user authentication).
– Now click on “Advanced” button to configure further options.
– Port: Like in my case, if you are using different port other than default, enter it here. But if you are using default, leave it as it is.
– I have to select “LZO Compression” as this is required in my connection case.
– Click on “Security” Tab.
– Select “Cipher” you are using, in my case, it is “AES-256-CBC”
– Select “HMAC Authentication“, I’m using “default“.
– Click on “TLS Authentication” Tab. As I have to provide authentication key i.e. “TA.key” file as I mentioned before.
– Select “Authentication Direction“. It must be opposite to direction of server. i.e. If OpenVPN Server is configured with direction “0”, then all of its clients will be configured with direction “1”, like in my case.
– Click “OK” and “Add” … Connection has been created.
– Move the Connection Slider next to VPN Connection name to connect it. If configuration was correct, then it should be connected as shown below.
Verify VPN has been connected and working as expected by viewing / checking your Public IP. Simplest way is to browse following URL, it will show you your public IP.