What is the purpose of OpenVPN's /etc/openvpn/{client,server} directories?

vpn openvpn debian
9,100

Solution 1

In v2.4 they introduced new systemd service profiles tailored for client resp. server applications.

As of OpenVPN v2.4, upstream is shipping systemd unit files to provide a fine grained control of each OpenVPN configuration as well as trying to restrict the capabilities the OpenVPN process have on a system.

These new unit files separates between client and server profiles. The configuration files are kept in separate directories, to provide clarity of the profile they run under.

Typically the client profile cannot bind to any ports below port 1024 and the client configuration is always started with --nobind.

source

It remains backward compatible, i.e. you can still store your .conf file in /etc/openvpn.

  • If your configuration is in /etc/openvpn/MyVpn.conf,
    use systemctl start openvpn@MyVpn to start the service

  • If your configuration is in /etc/openvpn/client/MyVpn.conf,
    use systemctl start openvpn-client@MyVpn to start the service

  • If your configuration is in /etc/openvpn/server/MyVpn.conf,
    use systemctl start openvpn-server@MyVpn to start the service

Solution 2

I'm unable to post a comment above in response to 3dGrabber's answer since my reputation in this neck of the SE woods is too low. I wanted to point out a mistake in said answer for those who come via searching so they aren't left scratching their heads when this fails somewhat cryptically.

systemctl start [email protected] should be:

systemctl start openvpn-client@MyVpn

and

systemctl start [email protected] should be:

systemctl start openvpn-server@MyVpn

The .service suffix was likely mistaken from the file that's created upon systemctl enable ...

Share:
9,100

Related videos on Youtube

ezaquarii
Author by

ezaquarii

Updated on September 18, 2022

Comments

  • ezaquarii
    ezaquarii over 1 year

    Ubuntu/Debian OpenVPN package contains 2 mysterious directories:

    dpkg -L openvpn
...
/etc/openvpn/client
/etc/openvpn/server
...

    I'm wondering what is the purpose of those directories? All tutorials advice placing files directly in /etc/openvpn/ and init/systemd scripts also pick config files from there.

    Chroot? But then, why 2?

  • AndreasT
    AndreasT almost 5 years
    Please see szr's answer for corrections. The .service file does not exist in the beginning.
  • 3dGrabber
    3dGrabber almost 5 years
    fixed. ty all .
  • Jerther
    Jerther about 2 years
    Placing config files in the client folder does not seem to work with AUTOSTART="all"

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

OpenVPN connects but no internet access
How to use openvpn for browsing
Route internet traffic from openvpn tun0 to eth0
Create own ovpn file from using certificate and key
OpenVPN bypass on some ports
Auto connect and reconnect to VPN on Debian 8
Can you set OpenVPN to auto-connect to 'fallback' .ovpns in case the current one fails?
Debian OpenVPN server with multiple users
OpenVPN --up script - "could not execute external program"
Is it possible to setup a VPN on Heroku?