I recently got a few NordVPN licenses, so I gave it a try. The GUI client on Linux seems extremely limited, so settings things up requires some good old shell commands.
Basic installation/setup
Documentation can be found here:
linux> sh <(curl -sSf https://downloads.nordcdn.com/apps/linux/install.sh)
linux> nordvpn login
FIXME: Apply serial/license
linux> sudo usermod -aG nordvpn $USERAt that point you’ll need to reboot in order to apply the new group membership (at least that’s the easiest version).
linux> nordvpn register
<...>
linux> nordvpn account
Account Information:
Email Address: user1@mydomain.de
VPN Service: Active (Expires on Jun 8th, 2025)
Dedicated IP: Inactive
linux> nordvpn connectBasic commands
Connect to a certain country endpoint:
linux> nordvpn countries
Albania
Algeria
<...>
Venezuela
Vietnam
linux> nordvpn cities Austria
Vienna
linux> nordvpn connect Vienna
Connecting to Austria #144 (at144.nordvpn.com)
You are connected to Austria #144 (at144.nordvpn.com)!Exclude some (local) subnets from VPN access (e.g. to access local servers while using VPN):
linux> nordvpn whitelist add subnet 192.168.1.0/24
linux> nordvpn whitelist add subnet 192.168.2.0/24My firewall also reported some odd outgoing connections (to ports 8765/tcp and 3478+3479/udp).
192.168.1.X:38782 169.150.218.112:3479 udp
192.168.1.X:60464 169.150.218.109:3478 udp
192.168.1.X:58964 138.199.63.250:8765 tcpBoth connections stopped once nordvpnd was stopped.
At least the UDP connections seem to be caused by a NordVPN feature called meshnet (not sure about the TCP ones yet). If you do not require this feature you can disable it like this:
linux> nordvpn set meshnet off
Meshnet is set to 'disabled' successfully.To see all current settings use this:
linux> nordvpn settings
Technology: NORDLYNX
Firewall: enabled
Firewall Mark: 0xe1f1
Routing: enabled
Analytics: enabled
Kill Switch: disabled
Threat Protection Lite: disabled
Notify: enabled
Tray: enabled
Auto-connect: disabled
IPv6: disabled
Meshnet: disabled
DNS: disabled
LAN Discovery: disabled
Virtual Location: enabled
Allowlisted subnets:
192.168.1.0/24
192.168.2.0/24