I FINALLY got around to properly split tunneling. You know... to get my linux isos
Nothing here is specific to nordvpn. Just an example service.
- install openvpn
- Create
/etc/openvpn/nordvpn.auth with permissions of root:root 440 (I think these permissions work lol, TODO: verify it works)
ServiceUsernameHere
ServicePasswordHere
- Download openvpn config file from nordvpn and put into
/etc/openvpn/
- Rename to
.ovpn to .conf. ex: /etc/openvpn/pt1234.nordvpn.udp.conf
- edit to not be full tunnel:
- add
route-nopull
- add
auth-nocache
- change
auth-user-pass nordvpn.auth
- Start service with
sudo systemctl start [email protected] (dont add .conf)
- ex:
sudo systemctl start [email protected]
- note:
sudo service start will not work! service doesn't take params like the @
- check if it working with
sudo journalctl -xeu [email protected]
- Make it stay on reboot with
sudo systemctl enable [email protected]
Note:
sudo systemctl restart [email protected] DOES NOT WORK! You must do STOP and then START.- I believe the
openvpn service will just control all .conf files it finds in the directory. Which means that just placing a .conf there will create/run that tunnel. Rename unused tunnels with a .off or something.
actual todo:
look into doing wireguard instead. apparently you can use the nordvpn official program and extract the config file from nordlynx
changelog:
2023-07-10 added split tunnel lines, auth file permissions, openvpn service note, small formatting