Linux setup

How to use OpenVPN config files on Linux

Linux users can run OpenVPN profiles through NetworkManager, desktop VPN settings or the openvpn command line. The command line gives the clearest logs, while NetworkManager is convenient for repeated desktop testing.

Use this guide when you want practical Linux import commands, DNS checks and troubleshooting for public .ovpn profiles.

Full Linux setup Linux VPN testing UDP vs TCP Port check

Article snapshot

13 min readEstimated reading time
2026-05-17Last reviewed
10 minLive server refresh interval
Technical check, not a privacy guarantee. PublicVPNList checks reachability, speed, latency and config availability. It does not verify the VPN operator, logging policy, jurisdiction or long-term privacy guarantees.

Quick answer

1 Install OpenVPN tools

Install OpenVPN and, for desktop import, the NetworkManager OpenVPN plugin.

2 Download a checked profile

Use a fresh row with measured speed and latency.

3 Import or run

Import into NetworkManager or run sudo openvpn --config file.ovpn.

4 Inspect routes and DNS

Check ip route, resolvectl status and visible IP after connection.

On this page

NetworkManager import

On GNOME, KDE and many desktop distributions, install the NetworkManager OpenVPN plugin, then import the .ovpn file from network settings. The imported profile appears like any other VPN connection.

NetworkManager is convenient, but it can hide detailed errors. If a public profile fails, run it from the command line once so you can see TLS, certificate, route and DNS messages directly.

Command line connection

A direct command line test is often the fastest way to diagnose a profile:

sudo openvpn --config ./profile.ovpn

Keep the terminal open while testing. If the connection succeeds, OpenVPN will show initialization messages and route pushes. Stop it with Ctrl+C when you finish testing.

Linux DNS checks

After connecting, check your visible public IP and inspect DNS. On systemd-resolved systems, run resolvectl status. On NetworkManager systems, inspect the VPN connection DNS settings or use nmcli device show.

If DNS still points to your local router or ISP, the profile may not push DNS or your resolver manager may ignore it. Use a known resolver for the VPN profile or choose another endpoint.

Common Linux errors

Cannot open TUN/TAP dev means permissions or kernel support are missing. Run with sufficient privileges and check whether /dev/net/tun exists.

AUTH_FAILED means the profile requires credentials or the supplied credentials are no longer accepted. Do not reuse personal passwords.

TLS key negotiation failed usually means the server is down, blocked or stale. Try a more recent server row.

Linux OpenVPN checklist

  • Install OpenVPN and NetworkManager OpenVPN plugin if needed.
  • Run one command-line test for clear logs.
  • Check route and DNS state after connection.
  • Prefer TCP 443 on restrictive networks.
  • Remove imported public profiles after testing.

Useful next pages

All guides How to use an .ovpn file What is an .ovpn file Import OpenVPN config on Windows Import OpenVPN config on Android Import OpenVPN config on iPhone and iPad Use OpenVPN configs on Linux OpenVPN UDP vs TCP OpenVPN port 1194 vs 443 VPN countries VPN server map VPN methodology

More OpenVPN and VPN testing pages

Frequently asked questions

Should I use NetworkManager or command line?
Use NetworkManager for convenience and command line for troubleshooting because it shows clearer logs.
Why does Linux need sudo for OpenVPN?
OpenVPN creates network interfaces and routes, which usually require elevated privileges.
How do I know DNS changed on Linux?
Check visible IP and inspect resolver state with tools such as resolvectl, nmcli or your distribution network settings.