To get started, you will need to download an OpenVPN client GUI. The example below will use Tunnelblick - a free, open source graphic user interface for OpenVPN on OS X and macOS.
It comes as a ready-to-use application with all necessary binaries and drivers (including OpenVPN, easy-rsa, and tun/tap drivers).
No additional installation is necessary — just add your OpenVPN configuration and encryption information.
To install this GUI, follow the steps below:
- Download the stable version of Tunnelblick. It is a disk image file which contains the GUI, the OpenVPN software, and some documentation.
- Double click the Tunnelblick disk image (.dmg) file you just downloaded.
- Double-click on the Tunnelblick icon in the Tunnelblick disk image Finder window.
- A dialogue box will appear saying, "Tunnelblick is an application downloaded from the Internet. Are you sure you want to open it?" Click Open.
- Another dialogue box will appear and ask for an administrator username/password to install Tunnelblick. Enter the administrator credentials and click the OK button.
- A "Welcome" message will appear after the installation is complete. Click the "I have configuration files" button. You should have received an OpenVPN connection profile in an email from Blazing SEO after your purchase of the VPN service. If you have not downloaded the attachment, click "I DO NOT have configuration files" - they can be added later.
- When there are no configurations (which is usually the case the first time Tunnelblick is run),
the "Welcome to Tunnelblick" window will appear. Follow the instructions to add configurations.
Once Tunnelblick has been launched, you can control it from the Tunnelblick icon in the Status Bar at the top right hand corner of your screen. When no VPN connection is active, the icon is dim.
If you click on the icon, you'll see a drop down menu. The menu has the following items:
- A line showing the status your VPN connections and allows you to quickly disconnect all VPNs.
- A "VPN Details" item which will open a window with details and an OpenVPN log for each connection.
- A "Connect” item for each configuration that has been set up. If there are no configurations, an "Add a VPN..." item will appear instead.
- A "Quit" item
If you click on "Details", a new window will appear with a tab for each configuration. Each tab includes preferences, the OpenVPN log, and several buttons.
You may use the standard keyboard shortcuts in the "Details" window: Command-C, Command-X, and Command-V for copy, cut, and paste; and Command-A to select all the text in the log that is currently being displayed, Command-M to minimize the window to the dock, Command-W to close the window, and Command-Q to quit the program.
- If you have not already downloaded the OpenVPN connection profile, you will need to do that to proceed. You should have received a link to your dashboard in an email from Blazing SEO. You will need to download this profile from the dashboard, if you have not already. To do this navigate to "My Services" at the top of the dashboard page and get to your VPN service page. Click the download button as shown by clicking here. This profile will be a file with the extension ".ovpn". If you have already downloaded the file, then drag and drop the profile file on the list of configurations.
- Tunnelblick will ask you: "How do you wish to install VPN configuration, so that only you can use it, or all users? Choose your preference.
- A dialogue box will appear and ask for an administrator username/password. Enter the administrator credentials and click the OK button.
- Now, you should see your successfully installed VPN connection profile.
- Now, you can try to connect with your new VPN connection using the menu in the top right hand corner. Open the menu and click "Connect...".
- While your connection is in progress, yellow text will appear in the Tunnelblick status window.
- Once connected, the yellow text will turn green.
- To be sure that you are connected through the VPN, navigate to the website "www.whatismyip.com" and see that your IP address is different than it was before connecting to the VPN.
- In case of connection problems, select the item [Details...] to check the OpenVPN's log messages.
To disconnect from a VPN, you have three options:
- Click on the "Disconnect" menu item for the connection profile.
- Select the configuration in the list on the left of the "VPN Details" window, then click on the "Disconnect" button.
- Quit Tunnelblick. All connections that are not marked "automatically connect when the computer starts" will be disconnected before Tunnelblick quits.
If you want to verify that the IP address that the VPN server has assigned to you, actually belongs to the remote LAN with which you are connected, you have to open a Mac OS X Terminal and at the prompt of the shell type the command:
the result looks like this:
tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.250.1 netmask 0xffffff00 broadcast 192.168.250.255
open (pid 368)
The line that starts with inet shows you that the VPN IP address assigned to you is 192.168.250.1 (by default Zeroshell issues IP addresses which belong to the subnet 192.168.250.0/24 with 192.168.250.255 as the Default Gateway). To be sure that the IP traffic is actually routed across the VPN and hence encrypted, you must check that the IP Address and the Default Gateway assigned to the TAP Virtual Interface belong to the remote LAN you are connected. To better check this condition, you could also use the traceroute -n <Remote IP Address> command: if the first hop that is printed belongs to a subnet of the remote LAN (192.168.250.255 by default) then your VPN works fine and the traffic that reaches the remote site is encrypted across Internet.