How to bypass OpenVPN censorship using Tor proxy (Linux)

Some governments block access to VPNs protocols: L2TP, PPTP, OpenVPN, but you can bypass it!

Before beginning you have to know :

  1. You will need a computer to use as your Tor proxy server, it must be a different computer than the one you will connect to OpenVPN with.
  2. The Tor proxy server needs to be with the OpenVPN client(s) on the same network
  3. If you’re using your own VPN server, it must be in a country that doesn’t block OpenVPN protocol, this way to bypass OpenVPN censorship is for the clients not the server

That’s how to do it on (Ubunu, Debian, or Fedora)

The Tor proxy server

Install torand obfs4proxy from your distrobution package manager

for Ubuntu/Debian

# apt-get install tor obfs4proxy -y

for Fedora

# dnf install tor obfs4proxy -y

Edit /etc/tor/torrc file using your favorite text editor and add the following into a new line


If Tor is blocked where you are, you will need to add bridges

Get obfs4 bridges line form here if isn’t blocked in your country, other wise you should email an email containing :

get transport obfs4

Your mail have to be Gmail, RiseUp, or Yahoo

Then add these lines to /etc/tor/torrc

UseBridges 1
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed

Then add the bridges lines you got in the mail to /etc/tor/torrc and add the word Bridge before each bridge line

For example :

Bridge obfs4 F840FE1E2... cert=nxtMXyCA.. iat-mode=0

If you’re using ufw firewall, you should permit port 9050/tcp

# ufw allow 9050/tcp

Rule added

Rule added (v6)

# ufw disable

Firewall stopped and disabled on system startup

# ufw enable

Firewall is active and enabled on system startup

The OpenVPN Client

Edit your ovpn file and add the following lines before <ca> tag

socks-proxy 9050

and replace with the proxy server address

Install openvpn on Fedora with

# dnf install openvpn -y

and on Ubuntu/Debian using

# apt-get install openvpn -y

Using openvpn Command

# cd
# openvpn --config config.ovpn

and replace path/to/openvpn/config/ with the path to the directory containing the .ovpn file

you should see Initialization Sequence Completed after a few seconds when you’re connected

Using NetworkManager

# nmcli con import file config.ovpn type openvpn
# nmcli con edit con-name ConnectionName

replace path/to/config.ovpn with the path to the .ovpn file, config with the name of the file (before .ovpn), and replace ConnectionName with the name you want to the openvpn connection

# nmcli con upConnectionName

You should see Connection successfully activated

Blog Logo






Back to Overview