I recently signed up for TryHackMe, a CTF-style online platform for learning cyber security, using hands-on exercises and labs. I prefer to use my own tooling (Kali) in a local virtual machine rather than the browser-based Attack Box. This requires an OpenVPN tunnel connection.

I discovered that while you can use Kali's default VPN client, you need to make a few configuration changes once you import your personalized .ovpn configuration file.

Note: This assumes you have configured your LAN to use a private IP range of 192.168.0.0/16 which virtually all SoHo routers do. (If you've reconfigured your router to address in 10.0.0.0/8 you probably don't need this guide.)

Step 1 - Download & Import your Configuration File

Click the Network Connections menu in the quick launch bar (top right), choose VPN Connections > New, choose Import A Saved VPN Confiruation... and provide your <tryhackme-username>.ovpn file.

Step 2 - Tweak Routes

Open the configuration's settings and choose the IPv4 Settings Tab, and click Routes....

Check off Use this connection only for resources on its network

Without this, all traffic will pass over the VPN tunnel, which has the negative side-effect of blocking anything that isn't served from the TryHackMe 10.0.0.0/8 network.

Step 3 - Set tool scope

You could additionally set scope of tools like BurpSuite to TryHackMe's IP range: