Thank you for opting to take the OffSec Penetration Testing with Kali Linux (PEN-200) training. The following document contains instructions for connecting to our online VPN labs and other useful information, which will help you get the most out of the course and labs. Please read it carefully.
- PEN-200 Online Lab Introduction
- Connecting to the Labs
- vLAN IP Information
- Technical Problems
The PEN-200 labs are an important part of the online course. The lab allows the learner to implement and practice various penetration testing techniques in a legally safe environment.
Every learner will receive access to their own environment. Within that environment, the learner can start sets of machines (called Challenge Labs) that are designed to help the learner work through particular penetration testing problems. As a learner progresses through the Challenges, they will encounter progressively more difficult and more varied sets of machines with greater complexity and dependencies. The final challenges are reminiscent of the current lab environment, where learners will have to compromise a large and rich network. More information about the specific Challenge Labs can be found in the General Course Information Module.
Your connection to the lab is to be done with Kali Linux using OpenVPN. We are unable to provide any VPN connectivity support if you choose to use another setup. It is also highly recommended that you download and use the Kali VMware image for the most streamlined experience. For more information, please visit the following link: https://help.offsec.com/hc/en-us/articles/360049796792
You can download the "VPN Connection File" to your Kali Linux machine, from the "Labs" tab of your OffSec Learning Library control panel. Use OpenVPN to initiate the VPN connection to the labs.
Once downloaded you will find an ovpn file that you will use to connect to the VPN as shown below. Please note no credentials are needed to connect as seen below:
kali@kali:~$ sudo openvpn universal.ovpn
2023-03-09 02:26:53 Note: Treating option '--ncp-ciphers' as '--data-ciphers' (renamed in OpenVPN 2.5).
2023-03-09 02:26:53 OpenVPN 2.5.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 5 2022
2023-03-09 02:26:53 library versions: OpenSSL 3.0.4 21 Jun 2022, LZO 2.10
2023-03-09 02:27:08 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
2023-03-09 02:27:08 UDP link local: (not bound)
2023-03-09 02:27:08 UDP link remote: [AF_INET]x.x.x.x:1194
2023-03-09 02:27:11 [offensive-security.com] Peer Connection Initiated with [AF_INET]x.x.x.x:1194
2023-03-09 02:27:12 TUN/TAP device tun0 opened
2023-03-09 02:27:12 net_iface_mtu_set: mtu 1500 for tun0
2023-03-09 02:27:12 net_iface_up: set tun0 up
2023-03-09 02:27:12 net_addr_v4_add: 192.168.x.x/24 dev tun0
2023-03-09 02:27:12 Initialization Sequence Completed
Do not close this window, otherwise, your VPN connection will terminate!
Once connected, leave that window open. In a new shell, determine the IP address that you have been assigned as follows:
kali@kali:~$ sudo ifconfig tun0
Please read this part extremely carefully.
By connecting to the OffSec VPN, you will be connecting to a potentially hostile environment. Although no traffic is directly allowed between student machines (by design), you must be vigilant at all times. This is true even if you are located behind a NAT device. Please take the proper precautions to protect your client computer and ensure you change your root password prior to connecting to the VPN.
In the OffSec labs environment, oftentimes the allocated IP address on your student vLAN may change from time to time, therefore we can provide some guidance on how to reduce the impact of this, by following the recommendations outlined in the Common VPN Connectivity Issues guide.
First, please ensure that you have Internet connectivity within your Kali Linux virtual machine. For basic network configuration on Kali, you can refer to the Kali documentation site at: http://docs.kali.org
If you do have Internet connectivity and are still unable to connect to the labs, ensure you are not behind any firewalls that are preventing you from establishing an outbound connection to the labs on UDP port 1194.
If you are still having connectivity problems or non-training-related issues, please take a look at the article here for the most common issues experienced. Should you still have issues, please contact us and we will try to help you to the best of our abilities.
You can email us at help AT offsec DOT com.
We wish you a productive and enjoyable time in our labs!