 So I've done lots of videos about OpenVPN. This video specifically is about creating an OpenVPN client on an Ubuntu, or in my case, PapOS workstation. So this is the client side of OpenVPN config. So I'm gonna use PF Sense, but this is obviously bigger than PF Sense. You can use OpenVPN and any standard OVPN config file to do the import to make this work. PF Sense happens to make it really convenient because once you run through the wizard and set up the OpenVPN and then load the OpenVPN client export package, it makes it a one-click download that we can just export those settings. Now, first thing I'll note here is 192.168.40.1 is the internal IP of this lab server I have set up with PF Sense. Here is the WAN of 172.16.69.1.12. Over here to OpenVPN and you can run down and see all the settings. Now you could go in and manually configure all these settings into the configuration manager under networking. So we go here to the networking network and we could go and hit add VPN, OpenVPN and run through import certificates and do all that and get it working. Sounds tedious? Well, it is. There's way easier way to do this. So let's start from the beginning over here real quick and say what do we need to have to make this work? Well, just a couple of things. We need to do a sudo apt-get install network manager gnome, already the newest version and network manager open VPN, already the newest version. So you wanna make sure you install both of those and you can then restart your network stack or you can even just restart the computer. Be a quick and easy way. But you know, service, I believe it's like network manager restart. Once you've done these, it won't work until that service has been restarted. It may give an error. Once you've done that, now you have open VPN installed and the network UI for doing it because it'll install the dependencies related to it. So we'll clear and we'll go back over to here and we're gonna go to that client export. Now by default, the client export does the interface address, but you can put other host name, et cetera and I'll show you why that matters in a second. We're just gonna do this by IP because it's internal and it's a lab and we're gonna go ahead and hit most clients, your standard config file. It's gonna download a file called pfslans, pfsense, lab, udp, 1195config.ovpn. So let's take a look at what that file looks like. And pretty straightforward here. Device tunnel persistent type of cipher they're using and NCP cipher offering of 128, SHA-1, TLS. Like I said, it just ran through the wizard just to do the demo. Someone's gonna point out you could have done more security. Yes, we know. And right here's the TLS key and here is the certificate key. Now like I said, you can copy and paste these and install this manually, but that would be tedious. So let's do this. Now, first, I'm gonna test to see if this works. So we're gonna go and say sudo, this is important, open vpn and we're gonna put pfslans lab. Now it's important if you run open vpn from the command line to put sudo in front of it. Now, sudo in front of it is because it has to add a network interface and without elevated permissions, it's unable to do that. So that gives it elevated permissions. And you see 192.168.3.9 is my IP address here. And we'll just do this real quick and we'll ping 192.168.40.1, whoops. That one, you see I cannot ping it. I'm gonna go over here and show. 40.1 is the inside of this and externally it's that 172 address. So when you're looking inside of here, there's the 172 address we're gonna connect to on the remote. So I'll go ahead and back out of this. All right, and clear again. And we'll sudo open vpn, yeah, sense. All right, what's the username? Put the username password in there. We've connected and this is Tmux. We're gonna split the screen, ping 192.168.40.1. Hey, we're on the network because it's connected. This is the intermediary address 70.2 for open vpn. You can see that my local IP has actually changed vpn IP. That's a bug I have. I got to fix later in Tmux why it shows the same IP twice. But you get the idea that now we're connected and we're on that network. And if we hit control C here, I can't ping it anymore, we dropped. But obviously you don't wanna run this from the command line every time. So those tools we added allows us to go further and import that config file. So over here, we're gonna go to vpn settings. And I already have my house vpn set up in here. So we're gonna go here, import from file, downloads, defsenselab.config.openvpn, hit open. Now right here, you can just say ask for this every time or store the password. We're gonna choose store the password. Make your choice there about security at that point. Do you want the password stored? So it's easily accessible. You can just click connect. Or do you want to prompt you for the password every time? There's different ways of thinking about it. I encrypt the whole computer. I don't see it as a huge deal because once you get into the computer, you have access to quite a few things. So it's stored encrypted within the computer and a computer's got a password on boot and encrypted password on boot. So it's arbitrary to, if you crack that password, I have bigger problems than you grabbing the vpn password. But take that for what you will when you're doing that. Now, that was it. It's imported. And we're actually, I should have named it, so we'll actually call it pfsenselab. Then we can put spaces in if we want. So then we'll hit apply. So here's the pfsenselabvpn. We'll try to ping 40.1, still can't ping it. Go back over here. And we can see the little connection and connected. It's pretty fast, it's pretty much instant. And we're back online. Way to go and you see the dual vpn showing up down here. The bug I have in my Tmux config that shows it twice. So pretty straightforward to do and you are now connected to this network. Now, it will cause conflicts if I connect to this network because I have a same intermediary network so it's gonna have some routing troubles if I connect it to both. But you can get the idea that it's pretty simple to do here. Go here and then we can just take this one off. What if I wanted to connect to my house? Well, just go this way. The same thing applies. Now, it's connected to my house. Pretty straightforward. Now I can ping something at home. 1.8, should be able to ping. There you go, ping in my free NAS box at home. And we go ahead and disconnect from the vpn. Can't ping it anymore. So pretty straightforward to do, it's really that simple. Now, the last thing I wanted to show is where do these connections get saved at? Well, that's actually pretty simple too. So you go to Etsy Network Manager System Connections. Whoops. And we list all the connections and here they are. Now these ones here are not VPN connections. This is me testing some wireless devices. This was me connecting when I did some older videos that I still have saved in here. Those are in here and so is. Tom's PF Sense config and there is that config. Now, one thing to note, these are only owned by root. So if we were to try to do things like look inside of there with user level permissions even though I'm the user that set this up, I do not have permission. So it does require system level config in order to go in here and do this. But these are plain text files that you can edit and make changes to. So we're gonna go ahead and edit this one. So we'll sudo vmpfsenselab. Now please note, even though we named it something different, it grabbed the name of the import file when it was imported. Now bring it up, because we can actually import that file again, but under a different name. We'll go VPN settings again. Go here, import from file, downloads here, open. We'll call this second lab test and we'll just hit add. So now we have Tom's house VPN, PF Sense lab, second lab test. We'll do lsla and you'll notice it called it second lab test. If you name it upon config, it will name the file in here. If you don't name it upon the first time you hit apply, you can rename it later, but it's gonna only change the name inside there. So now we can go sudo vm second lab connection here. And here we go. ID, second lab connection, type VPN permissions, DevTon method, auto, et cetera. So now you're seeing where the things are stored at. And you can see the TLS Crypt key is actually stored under my particular user. And so is this. So each one of these are stored under my particular user that imported these and the config files in there. So you can see them, you can edit them, you can see what they're doing. Also to note, and we'll go back over here to the settings, second lab config, identity, some name here. I'll just put some name here. There we go. There's some actualization points in there. So now we renamed it some name here. And it was calls the lab connection, right? So it's still called the lab connection. So if we do sudo vm second lab test.connection, it's now called some name here in the ID field. So you can manipulate these on there. It's also convenient because this is the folder if you needed to back these up to put things in here or manipulate things within the system. This is where it reads from to pull that information. So it can make it kind of nice if you've done a few different VPNs, maybe different locations and you wanted to manually edit any of them or script any of it. All that information is actually stored right here. But that's it, that's straightforward to do. I'll leave those two commands I put in for actually setting up the VPN, the, where we go here. sudo apt-get install gnome and open VPN. I'll throw those in the comment section below so you can just copy and paste them in. But that's all you have to do to get open VPN set up on Ubuntu or in this case, PopOS as a client and it's pretty easy to manage because well, now they're all just right here. A switch away. And like I said, this works with quite a few different VPN services as well, not just when you're setting it up with open VPN. Really it should work with most anything that creates an open VPN or OVPN standard file for use for importing these. Saves you trouble of doing all the little manual imports, thanks. And thank you for making it to the end of the video. If you liked this video, please give it a thumbs up. If you'd like to see more content from the channel, hit the subscribe button and hit the bell icon if you'd like YouTube to notify you when new videos come out. If you'd like to hire us, head over to laurancesystems.com, fill out our contact page and let us know what we can help you with and what projects you'd like us to work together on. If you want to carry on the discussion, head over to forums.laurancesystems.com where we can carry on the discussion about this video, other videos or other tech topics in general, even suggestions for new videos, they're accepted right there on our forums, which are free. Also, if you'd like to help the channel out in other ways, head over to our affiliate page. We have a lot of great tech offers for you. And once again, thanks for watching and see you next time.