A very detailed guide on how to setup VPN on Kali Linux and Ubuntu

Every day millions of people uses different VPN service providers to protect their online privacy. But it not all VPN providers are as anonymous or as secured or dedicated to protecting your Online privacy as they claim to be. Some VPN service providers even log your activity and if you are living in a country where certain sites are not allowed or you might get prosecuted for doing something as simple as scanning a network (yes, it’s in-fact an offense in many First World countries). I wrote this article on fixing VPN grayed out problem in Kali Linux. Many readers asked me to write a complete guide on how to set up VPN and which ones are secured.

Fact is, I simply cannot test all VPN providers. I cannot vouch for other users experiences and I usually only write stuffs I am sure about. Of many VPN providers, PrivateInternetAccess is claimed to be the best and fastest and according to their ToS and Privacy Policy, they seems to be well praised and recommended by several reviews such as done by TorrentFreak and LifeHacker. I strongly suggest readers to do some research before committing to any providers.

Following eight questions were taken from TF website and I feel that you should be asking yourself the same questions before going for any VPN providers: (I’ve added some comments below, your opinion might be different).

Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long? No logs. Under what jurisdictions does your company operate and under what exact circumstances will you share the information you hold with a 3rd party? Out of US, GB or any NATO affiliated countries if possible. But then you compromise on speed. Alternatively suspend user account instead of handing over logs or data. What tools are used to monitor and mitigate abuse of your service? Other than abuse blocking and service uptime, no monitor at all. In the event you receive a DMCA takedown notice or European equivalent, how are these handled? Suspend user account instead of handing over logs or data. What steps are taken when a valid court order requires your company to identify an active user of your service? Suspend user account instead of handing over logs or data. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why? I never cared for BT, but I guess no discrimination on any type of traffic. Which payment systems do you use and how are these linked to individual user accounts? Anything and everything. Best would be BitCoin. Setup own BTminer and pay with that. In that way, little/no online trace whatever. What is the most secure VPN connection and encryption algorithm you would recommend to your users? AES-128, RSA2048 or higher supported. Don’t use SHA1.

As I mostly use Kali Linux, my primary concentration would be on that. However, Kali Linux and Ubuntu uses same Network Manager, so this guide applies to the any Debian variant such as Kali Linux, and Ubuntu variants such as Linux Mint etc. In short, if you follow this guide, you will be able to setup VPN on Kali Linux, Ubuntu, Debian Linux Mint etc.

Setup VPN on Kali Linux



I use Kali Linux despite many of it’s flaw and shortcomings and I have became used to it. If you’re seriously about Online privacy, stick with the distro you know and understand best. Kali is just another Linux distro and it is as secured as you make it. There are many ways you can do it. VPN to Tor to VPN via anon proxy.

Why use VPN – benefits?

Here’s my top 11 reasons why you would want to use VPN services.

VPN provides Privacy and cloaks your IP address. Use any network (public or private or free WiFi) with encryption Login to your home or Work network from anywhere with confidence. Bypass censorship and content monitoring. Browse and bypass Firewall and censorship policy at work or Anywhere! Access region restricted services from anywhere (i.e. Youtube videos, NetFlix or BBC Player etc.) Transfer or receive files with privacy. Hide your voice/VOIP calls. Use Search Engines while hiding some of your identity. Hide yourself Cause you like to be anonymous.

As you can see from the list above, VPN not necessarily hides everything. Search engines can probably still recognizes you based on your cookies, previous browsing behavior, account sign-in (duh!), browser plug-ins (i.e. Alexa, Google Toolbar etc.).

Step 1: Enabling VPN on Kali Linux

By default the VPN section is grayed out on Kali Linux. You can follow my guide on fixing VPN grayed out issue (with screengrabs) or just copy paste the commands from below:

There’s two variants on the commands I’ve used, the first one enables all sorts of VPN and PPTP mumbo-junbo’s so that you don’t have to work your way through it later.

root@kali:~# aptitude -r install network-manager-openvpn-gnome network-manager-pptp network-manager-pptp-gnome network-manager-strongswan network-manager-vpnc network-manager-vpnc-gnome

The second one is more specific to VPN and just enabling VPN

root@kali:~# apt-get install network-manager-openvpn

On some cases, you might have to restart network-manager and networking,

root@kali:~# service networking restart [....] Running /etc/init.d/networking restart is deprecated because it may not r[warnble some interfaces ... (warning). [ ok ] Reconfiguring network interfaces...done. root@kali:~# root@kali:~# service network-manager restart [ ok ] Stopping network connection manager: NetworkManager. [ ok ] Starting network connection manager: NetworkManager. root@kali:~#

Once done, it will fix your VPN grayed out issues. For other Linux distro, this isn’t so much of a problem as those packages are usually pre-installed. (which I find a waste as your distro becomes bulkier).

Step 2: Download and extract openvpn certs from PIA

Download and extract the openvpn.zip file containing ca.crt in the correct directory:

root@kali:~# wget https://www.privateinternetaccess.com/openvpn/openvpn.zip --2015-02-27 13:14:14-- https://www.privateinternetaccess.com/openvpn/openvpn.zip Resolving www.privateinternetaccess.com (www.privateinternetaccess.com)... 23.215.245.45 Connecting to www.privateinternetaccess.com (www.privateinternetaccess.com)|23.215.245.45|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 8242 (8.0K) [application/zip] Saving to: `openvpn.zip' 100%[======================================>] 8,242 --.-K/s in 0s 2015-02-27 13:14:15 (149 MB/s) - `openvpn.zip' saved [8242/8242] root@kali:~# root@kali:~# unzip -q openvpn.zip -d /etc/openvpn root@kali:~#

Step 3: Configure Network Manager to use PIA VPN

Go to Network Manager > Edit Connections

Change to VPN Tab. VPN> Add

Click [ADD +] click the drop down menu, and set the type as OpenVPN.

Click [Create]

Go to “VPN” and fill up the following details”.

Connection name: PrivateInternetAccess VPN



Gateway: us-east.privateinternetaccess.com [**choose Gateway's from the list below]

Username: PIA Username

Password: PIA Password

CA Certificate: Browse to /etc/openvpn and select ca.crt

Click [ Advanced ]: Check the box next to “ Use LZO data compression “

]: Check the box next to “ “ Click [ OK ], [ Save ] and then [ Close ].

As for Gateways, choose on the following depending on your location:

PIA Regional Gateways

United States (US VPN)

us-midwest.privateinternetaccess.com

us-east.privateinternetaccess.com

us-west.privateinternetaccess.com

us-texas.privateinternetaccess.com

us-california.privateinternetaccess.com

us-florida.privateinternetaccess.com

Canada (CA VPN)

ca.privateinternetaccess.com

ca-toronto.privateinternetaccess.com

United Kingdom (UK VPN)

uk-london.privateinternetaccess.com

uk-southampton.privateinternetaccess.com

Switzerland (Swiss VPN)

swiss.privateinternetaccess.com

Netherlands (NL VPN)

nl.privateinternetaccess.com

Sweden (SE VPN)

sweden.privateinternetaccess.com

France (FR VPN)

france.privateinternetaccess.com

Germany (DE VPN)

germany.privateinternetaccess.com

Romania (RO VPN)

ro.privateinternetaccess.com

Hong Kong (HK VPN)

hk.privateinternetaccess.com

Israel (Israel VPN)

israel.privateinternetaccess.com

Australia (Australia VPN)

aus.privateinternetaccess.com

Japan (Japan VPN)

japan.privateinternetaccess.com