Most VPN applications facilitate the use of the OpenVPN protocol. Choose it from a list of protocols on the configuration page and that is all, the application configures OpenVPN automatically, each time it is connected, and you do not have to worry about any of the low level technical details.
Except, well, sometimes you can take care of yourself. Have you ever wondered if a VPN is really giving you the 256-bit encryption that is announced, for example? The application may not clearly tell you, but if you can find out where to look, especially in the desks, there are other ways to find out.
Maybe you are looking for more details about the connection. What is the name or IP address of the server that your application is trying to achieve? If the application does not give you an UDP or TCP connection option, what are you using by default? Does the provider really use your own DNS server, or simply redirecting a public service? You can take a few minutes of detective work with the task manager and other tools, but there may be ways you can find out.
And if an OpenVPN connection fails, understand why it is often a real challenge, since the error messages of the application can be deceptive. But looking at the view under the OpenVPN hood can often give him the answer, and in this article we will explain exactly what he needs to do.
How does OpenVPN connect?
When you arrive at your VPN connection button, it is easy to assume that the application creates, manages and finally closes the OpenVPN connection for you. But reality is a little different.
What really happens is that the VPN application analyzes the location you have chosen, the configuration of your application and anything else that defines how the connection should work. Then, usually, save that configuration in a file and moves them to a command-line application of the OpenVPN official project. It is this application that establishes the connection and handles all difficult low-level things.
You may be able to find this OpenVPN file in your VPN application folders. It is often called OpenVPN.exe, and, for example, by default, the ExpressVPN Windows application has a copy in your C: \ ExpressVPN \ ExpressVPN \ ExpressVPND \ Windows folder.
Some suppliers build a special version of the file or just Rename. NORDVPN has openvpn-nordvpn.exe files of 32 and 64 bits in their files c: \ files \ NordvPN \ [Version] \ Resources \ Binar Folders, for example, and Turbo VPN includes VPNCore.exe in their program files c: \ Program (x86) \ TurboVPN \ Driver32 folder. If you are not sure, right-click on the file, select Properties, Details, and you must see your ‘OpenVPN project’ copyright and originally called OpenVPN.exe.
Why does this matter? The VPN application passes the configuration to OpenVPN using standard commands, and if you can find them, they will give you all the details about the connection and how it is configured.
OpenVPN: Under the hood
For more information about OpenVPN connections on a PC, first make an OpenVPN connection to any location with your VPN application. Then, start the task manager (press CTRL + left Shift + Esc), click on the Details tab and look for the OpenVPN process of your VPN. (Click on more details if the task manager displays its compact view).
Now scan through the process columns until you find your command line. If you do not see it, right-click on a column header, choose Select columns and check the ‘Command line’ box.
This is how the command line of our ExpressVPN application points to OpenVPN to its .OVPN configuration file, with the configuration we need:
“C: \ Program Files (x86) \ ExpressVPN \ ExpressVPND \ Windows \ OpenVPN.exe” –Config c: \ config \ expressvpn \ v4 \ config.ovpn921089 \ config.ovpn
This is how Nordvpn OpenVPN said about its OpenVPN-Config file:
“C: \ Program Files \ NordvPN \ 6.38.15.0 \ Resources \ Binaries \ 64bit \ OpenVPN-NordvPN.exe” –Config “C: \ ProgramData \ NordvPN \ Configs \ OpenVPN-Config”
If you can not see the command line in the task manager, click Search in the taskbar, type cmd, choose the Windows Command Processor and select Run as Administrator. Then, paste the command: WMIC process where “name as ‘% OpenVPN.exe%'” Get Processid, Commandline on the command line (Replacement of OpenVPN.exe with the name of the OpenVPN application from your provider) and press ENTER.
If the command line includes a route to a configuration file, as we have seen previously with ExpressVPN and NordvPN, you can open it in the notebook to see how your connection is configured. Let’s see that next.
Sometimes, the application passes all the configuration details completely on the command line, without using any file. That is enough to get very useful information.
Can not you still find the OpenVPN application from your provider, or see the details of the command line? Some VPN applications pass the information to OpenVPN in a way that users can not see. Pity, but not the end of the story, and we will give you another option to try it later.
OpenVPN settings useful
We assume that you have found your OpenVPN configuration, either in a file or on a command line. They are designed for developers, so do not be surprised if you have no idea what most of them mean. But you do not take you away. Keep scanning the list, some of them are genuinely useful.
If you wonder what encryption is using your connection, for example, if you are obtaining the announced AES-256, look for an ‘encryption’ command. Our Expresvpn file included the ‘Cipher AES-256-CBC’ line, for example, that provides us with the AES-256 encryption using the content block chain, exactly what we expect.
Maybe be curious about the IP or host name of the VPN server, and your application does not tell you? Find the ‘remote’ command. Our Expresvpn file contained the line ‘Remote 85.203.34.86 4283’, which gives us the IP address of the VPN server and the connection port.
Some applications specify how the VPN is connected to the end of the remote command, adding ‘UDP’ or ‘TCP’.
Is the application using a third-party DNS server without telling you? There are no problems with ExpressVPN, use only your own DNS. However, check your configuration for a command, such as ‘DHCP-Option DNS 1.1.1.1’, and run a search of the IP address to see what service you are trying to use the application. (This could be your own DNS, but if it really is 1.1.1.1, that is cloudflare).
If you are really interested and you want to try to decipher everything, the OpenVPN official manual has more, even if it is careful, you will need a lot of time and knowledge to solve everything.
Records of OpenVPN.
Understanding how your OpenVPN connection is configured, it may be interesting, but the real value comes in any OpenVPN record. Can not you log in, for example? VPN applications may provide a general message of “connection error”, as they do not know more (they are leaving OpenVPN.exe to establish the connection), but OpenVPN records are often more useful.