Network Manager is designed to provide automatic connectivity, through whatever channels are available. Once a VPN connection is established, all traffic is routed through the tunnel. After network interruptions, Network Manager will normally automatically restart OpenVPN to reconnect.

However, Network Manager occasionally kills the OpenVPN process after network interruptions. High network loading seems to increase the risk. And when connectivity returns, Network Manager doesn't restart OpenVPN.

Therefore, to ensure that you have no leaks when using OpenVPN with Network Manager, it's crucial to have firewall (iptables) rules that restrict traffic to the VPN tunnel, and that allow direct connections only to the VPN server. It's also prudent to block all IPv6 traffic.

  1. Install OpenVPN and the OpenVPN plugin for the Network Manager. Depending on your distro you may also require the network-manager-openvpn-gnome package. 
    sudo apt-get install openvpn network-manager-openvpn
  2. Download the latest config files and extract contents to a temporary directory.
  3. Download the IVPN CA certificate and TLS-auth key to the temporary directory.
  4. Click on the Network Manager icon (normally top right menubar) and select VPN Connections > Configure VPN.
  5. The Network connections Window will open, click Add.
  6. In the Choose a connection type window select Import a saved VPN configuration and click Create.
  7. Select one of the .ovpn files you extracted from step 2 representing the server you would like to configure and click Open to import.
  8. The VPN configuration window will open on the VPN tab. Under the Authentication heading update the Type to Password.
  9. Enter your IVPN username (starts with 'ivpn') and password.
  10. In the CA certificate field browse to the location of the ca.crt file you downloaded in step 3. Click Save.
  11. Click on the Advanced button and navigate to the TLS Authentication tab.
  12. Click on Use additional TLS authentication and select the ta.key file you downloaded in step 3. Set the Key direction to 1. Click OK and Save.
  13. Click on the Network Manager icon in the toolbar and select the newly configured server under VPN Connections.
  14. Once connected you should see a a small lock next to the Network Manager icon. You can confirm that you are connected by checking your external IP. 
    curl ifconfig.co

Troubleshooting

Most issues can be easily resolved by reviewing the OpenVPN logs. Network Manager normally writes to the syslog e.g. /var/log/syslog or /var/log/messages. You can filter the relevant logs by using grep e.g. 

sudo grep VPN /var/log/syslog
Was this answer helpful?

Can you please tell us how we can improve this article?

Related Setup Guides