How to setup ExpressVPN OpenVPN using Ubuntu Network Manager

To use our apps and configurations, please sign up for an ExpressVPN account first.

Use the following rough steps to setup ExpressVPN on Linux. The details of these steps will depend on your flavor of Linux. In general, you’re setting up an OpenVPN connection using our configuration files.

  1. Open the Welcome Email you received when you signed up for ExpressVPN. Click the link in the email.welcome to expressvpn - emailIf you can’t find the link, log in to our website.

    log in to

    Once you’ve clicked the link in the welcome email or logged in to the website, click on Set Up ExpressVPN on the Active Subscriptions page. This will take you to the Downloads page.

    vpn downloads page

  2. On your downloads page, select Linux & Routers OpenVPN and then download and save the .ovpn file(s) or locations (e.g. Los Angeles, New York, etc.) that you wish to connect to.linux & routers openvpn
  3. Still on your setup page and still under the Linux & Routers OpenVPN setup option, scroll-down to “3. Optional” and click on the download link for your VPN certificates and keys to download your SSL zip file
  4. Extract the downloaded zipped file.
  5. Launch a Terminal session, and then enter the following command:sudo apt-get install -y network-manager-openvpnscreenshot
  6. Click on your Network Manager icon on your desktop bar Notification Area. This icon can be in the shape of 2 computer screens computer screen icon or arrows arrows icon or a wireless signal meter wi-fi icon if you use a Wi-Fi connection.
  7. Click on Edit Connections.edit connections
  8. On the Network Manager Applet, click on the Add button, then select “Import a saved VPN configuration…” and then click on Create…import saved vpn configurationcreate connection
  9. Browse for one of the *.ovpn files that you’ve downloaded (on Step 2), then click on .ovpn file
  10. After importing the config file, you will need to manually import the User Certificate (client.crt), CA Certificate (ca.crt) and Private Key (client.key) by using the SSL files obtained on Step 3. See example below:import user certificate, ca certificate, private key
  11. Next, click on the Advanced… button.
  12. Under the General tab, make sure to following boxes are checked:
    • Use LZO data compression
    • Use custom tunnel Maximum Transmission Unit (MTU): 1500
    • Use custom UDP fragment size: 1300
    • Restrict tunnel TCP Maximum Segment Size (MSS)
    • Randomize remote hosts

    copy the settings, check the boxes

  13. Under the Security tab, make set the Cipher to “BF-CBC” and HMAC Authentication to “SHA-1set cipher and hmac authentication
  14. Go to the TLS Authentication tab and enable/check “Use additional TLS authentication
  15. For the Key File, browse for the “ta.key” file (included in the SSL files that you’ve downloaded under Step 3) and for the Key Direction, set it to 1.tls authentication
  16. Click OK to finish the setup.
  17. Reboot your computer.
  18. To connect to the VPN, just click on your Network Manager icon, then point to “VPN Connections” and then click on the VPN connection that you have configured.vpn connections
  19. The icon will blink for around 10-30 seconds.  Once the VPN is connected, you will see a message stating the VPN connection has been successfully established.  You will also see a “lock” on the top bar of the Network Manager icon.vpn login message

To check that you’re connected OK, go to and check that you now have one of our IPs. Also try going to or other sites that are usually blocked for you and make sure they work now.

Running into problems with these steps or have suggestions to improve them?

Please let us know. Thanks!

Was this article helpful to you?16 1 Undo

Not an ExpressVPN user yet? Sign up today so you can start using our apps!

Install ExpressVPN on all your devices!

windows apple android ios linux chrome ebooks phones consoles router nas share