As explained earlier, the guide will be divided into the each of these respective environments:

• KDE
• All Linux Distros – NetworkManager
• Linux Mint 17.2 Installation Video

Please take note that this guide has been prepared in a manner assuming that you have basic knowledge about Linux.

Before proceeding with the tutorial, please make sure that you have:

1. Installed OpenVPN
2. Downloaded your keys from the dashboard and extracted them to /etc/openvpn/.
   Your keys should be placed in /etc/openvpn/keys with certificates in /etc/openvpn/certs for security purposes. You will need to change the permissions of your keys and cert to 600 by using the chmodcommand on the command line.

KDE

1. First of all, head to Network Settings, under System Settings.
   
    
2. Click on the VPN tab. Then proceed to Add > OpenVPN. Otherwise, use the Import function if you are familiar with the settings.
   
   
3. Next, we will go on about making your configuration profiles. For this example, we will be using a Fully-Routed Luxembourg server. For more servers, please open any one of the .ovpn files using your favourite text editor.Under OpenVPN>Required Settings, complete the fields appropriately as described below. Please make sure that both Connect Automatically and System Connection are checked.Connection Name: BolehVPN FullyRouted Luxembourg #1 (To identify the connection)
   Gateway: The server IP that you are connecting to. Refer to the server’s particular ovpn file. (e.g. FullyRouted Luxembourg will be 94.242.228.140)
   Connection Type: X.509 Certificates
   CA File: /etc/openvpn/certs/ca.cert
   Certificate: /etc/openvpn/certs/yourusername.cert
   Key: /etc/openvpn/key/yourusername.cert
4. Click on Optional Settings and complete the necessary fields as follow:Gateway Port: 443 (Please refer to the respective ovpn file for this)
   LZO Compression: Checked
   TCP Connection: Checked only when connecting via TCP for US-Surfing/StreamingTCP and TCP443.

   

5. Under Optional Security update the following entries: 

   Cipher: AES-256-CBC
   HMAC Authentication: SHA-512
   
   

6. Continue on with Optional TLS Settings and check “Use Additional TLS Authentication“. Under key, enter the file path to the ta.key file: /etc/openvpn/keys/ta.key. Set Key DirectionasClient (1)
   
   
7. In the event where you are utilizing our servers in which proxies are required, make sure you check Use this connection only for resources on its network under IPv4 Settings > Routes. Otherwise, keep it unchecked.
8. With this, you should be done with configuring your OpenVPN profile. To connect to the OpenVPN server, simply click on the connection name under the network manager icon  which can be usually found on your taskbar.
   
   
9. To disconnect, there should be a disconnect button near the connection, depending on which distro you are on.
   
   

This concludes the KDE section of the guide. For more information, please visit this thread on our forums.
All Linux Distros – NetworkManager

1. Ensure that you have the OpenVPN plugin for the NetworkManager, “network-manager-openvpn”. Be sure to look for any related plugin names, especially anything listed for the GUI and Applet.
2. Starting out, click on the NetworkManager icon on your top panel then click Configure VPN.
   
   
3. Click on the VPN tab. Then proceed to Add > OpenVPN. Otherwise, use the Import function if you are familiar with the settings.
   
   
4. At this point, the a new window will pop up, asking you to pick a VPN connection type. Select OpenVPN from the drop down list.
   
   
5. Next, we will go on about making your configuration profiles. For this example, we will be using a Fully-Routed Luxembourg server. For more servers, please open any one of the .ovpn files using your favourite text editor. 

   Under OpenVPN, complete the fields appropriately as described below. Please make sure that bothConnect Automatically and System Connection are checked.Connection Name: BolehVPN FullyRouted Luxembourg #1 (To identify the connection)
   Gateway: The server IP that you are connecting to. Refer to the server’s particular ovpn file. (e.g. FullyRouted Luxembourg will be 94.242.228.140)
   Type: Certificates (TLS)
   CA File: /etc/openvpn/certs/ca.cert
   Certificate: /etc/openvpn/certs/yourusername.cert
   Key: /etc/openvpn/key/yourusername.cert

   Somewhere in this setup process, a window will pop up, asking for your root or sudo password depending on your Linux version. Make sure to add it in, because OpenVPN needs to run as root. To avoid this again in the future check ‘Available to all users’.

6. Move on to click on Advanced > General then continue to complete the option as follows:
   
   User Custom Gateway Port: Checked
   Gateway Port: 443
   LZO Compression: Checked
   TCP Connection: Check only when connecting via TCP for US-Surfing/StreamingTCP and TCP443.
   
   
7. Under Optional Security update the following entries:Cipher Setting: AES-256-CBC
   HMAC Authentication: SHA-512
   
   
8. Move on to the next tab, TLS Authentication and make sure Use Additional TLS authentication is checked.Click on the folder icon and navigate to /etc/openvpn/keys/ta.key. Under Key Direction, select 1.
   
9. In the event where you are utilizing our servers in which proxies are required, make sure you check Use this connection only for resources on its network under IPv4 Settings > Routes. Otherwise, keep it unchecked.
   
   
10. Once you are done, accept the changes made and you are ready to connect. Again, under the Network Manager icon, navigate to VPN Connections and proceed to select the profile that you have just made. (In this case FullyRouted-All)
    
11. Depending on your Linux version, once you are connected you might see a lock in the NetworkManager icon appear. On successful connection:
    
12. In order to disconnect, again, under the Network Manager icon, move to VPN Connections and select Disconnect VPN.
    

For more information, please visit this thread on our forums.
Linux Mint 17.2 Installation video

You will have noticed several configuration options from the drop-down menu. This is probably the most important part of the setup since failing to understand what each configuration does may prevent you from getting the most out of BolehVPN.

In a nutshell, there are 6 main types as shown in the table below:

Each of these configurations have their distinct purposes, therefore it is important to read through this section carefully to utilize this service to its maximum extent.

BolehVPN is one of the few VPN providers that offers a wide range of options all in one package.

a. Proxied

Server locations: Canada, Germany, Netherlands, Switzerland, UK

All these configurations are in a proxied setup which means you will need to set up your software before using the VPN. Any software that is not configured will go through your regular unprotected internet connection. Proceed to Step 4 to learn how to configure your software when you are ready.

Pros

• Does not affect other latency sensitive applications like MSN/surfing/gaming therefore you can do all your other tasks without feeling any slowdown. VPNs in general add latency to your connection.
• Works well for most purposes and well seeded torrents
• If properly configured, an interruption of your connection to our VPN servers will not leave you exposed.

Cons

• You will not be fully connectable and will appear as firewalled. This is inevitable as it uses a proxy. This might reduce your ability to connect to peers and is relevant when the seeder/peer ratio is bad or there are very few people on the torrent. This also gives you LowID with Emule
• Requires the program you wish to pass through the VPN to have SOCKS Proxy support and be configured appropriately.
• Some programs due to faulty programming do not use the VPN proxy exclusively and may still use your regular connection for certain connections. Therefore this is not suitable for those who wants complete privacy.
• Slightly higher overhead due to usage of a SOCKS proxy.

b. Fully Routed

Server locations: Canada, France, Germany, Luxembourg, Netherlands, Singapore, Sweden, Switzerland, UK

‘FullyRouted’ is different where all your data is automatically routed to the VPN. This means everything including surfing, internet messengers (Skype) and any other software that requires internet-connection will have go through the VPN.

You do not need to configure your programs to use the VPN if you use this.

Pros

• Offers a high degree of privacy/security for your internet enabled applications
• Painless setup since once you are connected to the VPN; you need not configure anything else
• May work better with poorly seeded trackers

Cons

• Increases latency/lag on all other applications that means surfing, Skype and everything else that uses the internet will have a longer reponse time due to the additional route your internet connection has to take.

c. Surfing/Streaming

Server locations: United States, United Kingdom, Malaysia, Italy, Japan

The Surfing/Streaming servers CANNOT be used for P2P but is especially good for streaming US-only content such as Hulu, Pandora, Veoh and such.

Note that there are SurfingStreamingTCP options that are intended only for people with firewalls that do not allow UDP connections. Please stick with the standard servers if possible as they are faster and more stable unless absolutely necessary.

Specifying a proxy is unnecessary. It works similarly as the ‘Fully-Routed’ configurations where you could just connect and start surfing!

However certain internet-enabled programs might not work while this setting is applied.

d. Cloak

Server location: Canada, France, Germany, Italy, Singapore, Japan, United States, United Kingdom

In order to bypass the strict internet firewall in countries such as China and Iran, we have prepared the Cloak configurations, an improvement our older xCloak configurations.

Please take note that the Cloak configuration also has suffixes that determines the type of connection it will make, which corresponds to the other 3 configurations mentioned above.

For CloakProxy, proxy settings must be configured and this can be viewed in Step 4.

e. TCP Servers

Server location: Canada, France, Germany, Italy, Singapore, United States, United Kingdom

The TCP servers suffixes in some of our configuration allows you to bypass corporate/campus firewalls. This should be only used if you are unable to connect to our servers due to a firewall. This works on majority of the firewalls but there are still setups out there that can block it. You can also use this if you suffer from a poor internet connection with packet loss. Please note that the TCP protocol will not be as fast as the other UDP servers.

These servers work as Proxied, FullyRouted, SurfingStreaming, CloakRouted, or CloakProxy servers based on the name, meaning you would need to configure your software to use proxies in order to divert the traffic through the VPN only if you use the Proxied-TCP servers. You can see this is done in the next step.

f. BolehGeo

Server location: Canada, Netherlands, Singapore

BolehGeo allows you to access sites that are restricted to US address without the use of a VPN. In other words, the lag and overhead inherent from using a VPN are eliminated, thus faster streaming speeds can be observed. This would also means you won’t be getting the privacy and security benefits that would otherwise be present with the use of a VPN.

Please take note that this feature is strictly for making your computer to appear from the US on geo-specific media sites.

We have tested this list of streaming services and found that they work well with this new feature.

1. Hulu
2. Netflix
3. Hulu Plus
4. HBOgo
5. Pandora
6. Fox
7. Crunchyroll
8. CBS
9. Youtube

Do let us know if there are any geo-restricted sites for the US that you would like to see added to this list and how this works out for you! Remember to clear your cookies before trying out the sites!

Now it’s time to configure your programs!

If you are using ‘Proxied’ or TCP443Server, you would need to configure your programs to go through the VPN (unless you don’t want them to).

Fully Routed and Surfing/Streaming configurations do not require these additional steps as all your data will be redirected through the VPN automatically once you are connected.

Make sure you have the Use this connection only for resources on its network box checked under IPv4 Settings > Routes. Otherwise, keep it unchecked.

Torrent Clients

For any torrent clients, please enter the following:

Hostname: 10.10.10.1
Port: 1080 (SOCKS)
No authentication

Other Softwares

Make sure to enter the following details in the relevant fields:

Hostname: 10.10.10.1
Port: 808(HTTP) or 1080 (SOCKS)
No authentication

You can also always drop by our Support Forums to ask for help in configuring a particular program.

If you do need help, there’s a few options available for you.

1. First of all, have a read through our FAQ and see if there’s an answer to your question there. 
2. If you don’t find an answer, submit a support ticket and we’ll get back to you. Do note that we’ll need the logs from the Log tab of the BolehVPN client, as well as info about your system (antivirus / firewall status).
3. Register for and check out our support forum for other info, or make your post here for help.