Starting OpenVPN client automatically at boot
Solution 1
Edit /etc/default/openvpn
. Just press Ctrl+Alt+T on your keyboard to open Terminal. When it opens, run the command(s) below:
sudo gedit /etc/default/openvpn
Uncomment the AUTOSTART="all"
line. Save and close. Reboot your system.
Solution 2
If you're on systemd (16.04) , configured AUTOSTART="all" and it's still not starting pay attention to this:
> # If you're running systemd, changing this variable will
> # require running "systemctl daemon-reload" followed by
> # a restart of the openvpn service (if you removed entries
> # you may have to stop those manually)
Just do a
systemctl daemon-reload
and then restart the service
sudo service openvpn restart
Solution 3
You can put auth-user-pass filename
in your anonine.ovpn
where filename
is the file with username/password on 2 lines.
Make sure that filename
is properly secured, because it will contain plain username/password.
This is from openvpn --help
:
Client options (when connecting to a multi-client server):
--auth-user-pass [up] : Authenticate with server using username/password.
up is a file containing username/password on 2 lines,
or omit to prompt from console.
You also can add your certificate to your anonine.ovpn
adding it this way:
<ca> -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- </ca>
Solution 4
If a username / password is not required in order to connect, then rename the .ovpn files to have an extension of .conf.
OpenVPN should connect on boot, even without autostart=all.
If a username/password is required,
edit the .conf file
edit auth-user-pass user-password-filename
Create a file containing:
username
password
If you want to connect with Network Manager, make sure you first do:
sudo apt-get install network-manager-openvpn
Make sure your Ubuntu is at least 14.04. This doesn't work on 12.04.
If you don't have your ca.crt, client.crt, etc, extract them from .conf.
With Network Manager, create a new VPN connection or import your conf.
Add the certificates and ta.key.
Routes, use connection only for resources on its network.
Edit your Internet connection with network manager. Choose connect with VPN, then choose your VPN connection.
Solution 5
While it might not be of interest to the OP, I was frustrated by this service not starting until login--either graphical, or one of the Ctrl+Alt+F# TTYs. I eventually realized that my machine would only connect to wifi when I logged in. Combining the other answers here with the standard advice to run sudo update-rc.d openvpn defaults
, and with the first answer at this other question worked for me. Perhaps this might help another Googler.
Related videos on Youtube
Admin
Updated on September 18, 2022Comments
-
Admin over 1 year
I'm trying to get OpenVPN to start automatically at boot. Today I have to manually type in
sudo openvpn --client --config $HOME/openvpn/anonine.ovpn --ca $HOME/openvpn/anonine.ca.crt
followed by username and password. Is there a good way to make this automatic at boot?
-
Leon Straathof over 9 years(i) How can one start a specific VPN that way? (ii) Who supplies authentication for a connection initiated in this way (can it initiate connections without the username-password combination being stored in plain text)? (iii) If possible, cli methods are preferable (allows implementation on a headless server). I can substitute
nano
forgedit
, but I can't use nm-applet to store credentials in the keyring. -
Mitch over 9 years
-
Leon Straathof over 9 yearsMuch obliged. As far as I can tell the answer to (i) (which is well within the scope of this question) is that
AUTOSTART="all"
attempts to start every.conf
file in/etc/openvpn
(I'd love to have confirmation, though). An answer to (ii) is also reasonably scoped withing this question--you can't automatically initiate a VPN connection unless the secrets are available without user input (keychain being preferable to plain-text for obvious reasons). I admit that (iii) is extracurricular and might well merit a new question. None of them are answered in these links, that I can see, though. -
BxlSofty over 7 yearsAs the comment in the picture states, the default for AUTOSTART is actually "all". This edit is consequently not needed, in my opinion.
-
GuSuku about 7 years@YvesB Default is "all" only when AUTOSTART is uncommented and empty
-
yosefrow almost 6 yearssystemctl daemon-reload instead of reboot
-
Dimitri Kopriwa over 3 yearshow do you specify the
.ovpn
? -
Shayan over 3 years
eventually realized that my machine would only connect to wifi when I logged in.
Same issue here! -
Patryk Cieszkowski about 3 years@DimitriKopriwa just rename
.ovpn
to.conf
.