Configure OpenVPN in Linux Network Manager

This tutorial describes how to configure OpenVPN connection to SecurityKISS servers using Linux Network Manager. The screenshots come from Ubuntu 11.10 (Oneiric Ocelot).

As a prerequisite you need to have root privileges and the configuration bundle you can download from SecurityKISS Client Area.

Step 0. Check your DNS settings

You need to make sure that the DNS server you use is accessible from the Internet (from outside of your network). Most often people use the default DNS server settings of their Internet Provider and they are most likely not accessible from outside. If this is the case you need to change DNS to one of the publicly available DNS servers like:

In order to do it system-wide you may want to install resolvconf:

sudo apt-get install resolvconf

Then edit /etc/resolvconf/resolv.conf.d/base and add the name servers:


Update resolvconf and reload networking:

sudo resolvconf -u
/etc/init.d/network-manager force-reload

Step 1. Download SecurityKISS config files

Check your current working directory

sk@ubuntu:~$ pwd

Download the configuration bundle (use the download link you genereted in SecurityKISS Client Area)

sk@ubuntu:~$ wget -N

Unzip the files

sk@ubuntu:~$ tar xfm securitykiss_linux_client00363672.tar.gz

View the README.txt file to find the list of SecurityKISS gateways

sk@ubuntu:~$ more securitykiss_linux_client00363672/README.txt

  Country  City                 IP Address        Proto   Port   
  UK       Manchester    udp     5353
  UK       Manchester    tcp     443 

Step 2. Install Network Manager plugin for OpenVPN

Open terminal

In the terminal type the following command to install the plugin. You will be prompted for root password.

sk@ubuntu:~$ sudo apt-get -y install network-manager-openvpn
[sudo] password for sk: *******

Network Manager requires restart:

sk@ubuntu:~$ sudo restart network-manager

Step 3. Configure OpenVPN connection

In the network connections find 'Configure VPN'

Select VPN tab

Add new VPN connection

Choose a VPN connection type

Press Create

Enter connection name indicating server location, protocol and port. In the Gateway field enter one of the IP addresses from the list you found in README.txt. Authentication type should be 'Certificates (TLS)'. Next click to select User Certificate.

Navigate to the location where you unzipped config files (probably it will be /home/$username/securitykiss_linux_clientxxxxxxxx)

Open client.crt file

Do the same for CA Certificate

But open ca.crt

And the same for Private Key

But open client.key

Select Advanced button

Tick 'Use LZO data compression' and 'Use custom gateway port' checkboxes. Enter port number according to the selected server from README.txt. If the server you selected from the list is marked as TCP you also need to tick 'Use a TCP connection'

Accept and save the settings

Step 4. Test the tunneled connection

Connect from the VPN connections

You can verify if your IP address has changed by opening our geolocation website: securitykiss.com/locate

You can set up other servers from the list in similar way.