mO SharemO Share

OpenVPN Client on Ubuntu 16.04

Introduction

Following shows the easy installation of the openvpn client with a auto-login certificate.

Prerequisites

You require a client.ovpn file which should be given to you before hand by the OpenVPN Administrator.

Install and Setup

  1. Install the openvpn client

    sudo apt-get install openvpn
  2. Copy the client.ovpn to /etc/openvpn and rename if to client.conf

  3. Enable the auto start of the service within systemd


    user@user-desktop:~$ sudo systemctl enable openvpn@client.service
    Created symlink from /etc/systemd/system/multi-user.target.wants/openvpn@client.service to /lib/systemd/system/openvpn@.service.
  4. You can now start the client

    user@user-desktop:~$ sudo service openvpn@client start
On this page:

Verify Connection

  • Check the client status 

    user@user-desktop:~$ sudo service openvpn@client status
    ● openvpn@client.service - OpenVPN connection to client
       Loaded: loaded (/lib/systemd/system/openvpn@.service; disabled; vendor preset: enabled)
       Active: inactive (dead)
         Docs: man:openvpn(8)
               https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
               https://community.openvpn.net/openvpn/wiki/HOWTO
    user@user-desktop:~$ sudo service openvpn@client start
    user@user-desktop:~$ sudo service openvpn@client status
    ● openvpn@client.service - OpenVPN connection to client
       Loaded: loaded (/lib/systemd/system/openvpn@.service; disabled; vendor preset: enabled)
       Active: active (running) since Fri 2017-01-06 10:15:36 CET; 1s ago
         Docs: man:openvpn(8)
               https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
               https://community.openvpn.net/openvpn/wiki/HOWTO
      Process: 16943 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc
     Main PID: 16945 (openvpn)
       CGroup: /system.slice/system-openvpn.slice/openvpn@client.service
               └─16945 /usr/sbin/openvpn --daemon ovpn-client --status /run/openvpn/client.status 10 --cd /etc/openvpn --script-security 2 --config /etc
    
    Jan 06 10:15:36 user-desktop systemd[1]: Starting OpenVPN connection to client...
    Jan 06 10:15:36 user-desktop ovpn-client[16945]: Control Channel Authentication: tls-auth using INLINE static key file
    Jan 06 10:15:36 user-desktop systemd[1]: openvpn@client.service: PID file /run/openvpn/client.pid not readable (yet?) after start: No such file or d
    Jan 06 10:15:36 user-desktop ovpn-client[16945]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 06 10:15:36 user-desktop systemd[1]: Started OpenVPN connection to client.
    Jan 06 10:15:36 user-desktop ovpn-client[16945]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
    Jan 06 10:15:36 user-desktop ovpn-client[16945]: Socket Buffers: R=[163840->200000] S=[163840->200000]
    Jan 06 10:15:36 user-desktop ovpn-client[16945]: UDPv4 link local: [undef]
    Jan 06 10:15:36 user-desktop ovpn-client[16945]: UDPv4 link remote: [AF_INET]54.93.195.156:1194
  • You should now see a new interface come up with a VPN IP address

    root@ubuntu:ifconfig
    tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
              inet addr:172.27.230.24  P-t-P:172.27.230.24  Mask:255.255.248.0
              UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:100 
              RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Disable Autostart

Sometimes you want to disable autostart, because VPN will be switched on through an action.

Edit the openvpn default config file.

user@ubuntu:~$ sudo gedit /etc/default/openvpn

And uncomment the line:

#AUTOSTART="none"