OpenVPN Client on Ubuntu 16.04

Owned by Sebastian Koch
Last updated: Mar 05, 2019 by Alexander Beate
2 min read

Introduction

Following shows the easy installation of the openvpn client with a auto-login certificate.

Prerequisites

You require a client.ovpn file which should be given to you before hand by the OpenVPN Administrator.

Install and Setup

  1. Install the openvpn client

    sudo apt-get install openvpn

  2. Copy the client.ovpn to /etc/openvpn and rename if to client.conf

  3. Enable the auto start of the service within systemd


    user@user-desktop:~$ sudo systemctl enable openvpn@client.service
Created symlink from /etc/systemd/system/multi-user.target.wants/openvpn@client.service to /lib/systemd/system/openvpn@.service.

  4. You can now start the client

    user@user-desktop:~$ sudo service openvpn@client start
On this page:

Verify Connection

  • Check the client status 

    user@user-desktop:~$ sudo service openvpn@client status
● openvpn@client.service - OpenVPN connection to client
   Loaded: loaded (/lib/systemd/system/openvpn@.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
     Docs: man:openvpn(8)
           https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
           https://community.openvpn.net/openvpn/wiki/HOWTO
user@user-desktop:~$ sudo service openvpn@client start
user@user-desktop:~$ sudo service openvpn@client status
● openvpn@client.service - OpenVPN connection to client
   Loaded: loaded (/lib/systemd/system/openvpn@.service; disabled; vendor preset: enabled)
   Active: active (running) since Fri 2017-01-06 10:15:36 CET; 1s ago
     Docs: man:openvpn(8)
           https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
           https://community.openvpn.net/openvpn/wiki/HOWTO
  Process: 16943 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc
 Main PID: 16945 (openvpn)
   CGroup: /system.slice/system-openvpn.slice/openvpn@client.service
           └─16945 /usr/sbin/openvpn --daemon ovpn-client --status /run/openvpn/client.status 10 --cd /etc/openvpn --script-security 2 --config /etc

Jan 06 10:15:36 user-desktop systemd[1]: Starting OpenVPN connection to client...
Jan 06 10:15:36 user-desktop ovpn-client[16945]: Control Channel Authentication: tls-auth using INLINE static key file
Jan 06 10:15:36 user-desktop systemd[1]: openvpn@client.service: PID file /run/openvpn/client.pid not readable (yet?) after start: No such file or d
Jan 06 10:15:36 user-desktop ovpn-client[16945]: Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Jan 06 10:15:36 user-desktop systemd[1]: Started OpenVPN connection to client.
Jan 06 10:15:36 user-desktop ovpn-client[16945]: Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Jan 06 10:15:36 user-desktop ovpn-client[16945]: Socket Buffers: R=[163840->200000] S=[163840->200000]
Jan 06 10:15:36 user-desktop ovpn-client[16945]: UDPv4 link local: [undef]
Jan 06 10:15:36 user-desktop ovpn-client[16945]: UDPv4 link remote: [AF_INET]54.93.195.156:1194

  • You should now see a new interface come up with a VPN IP address

    root@ubuntu:ifconfig
tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:172.27.230.24  P-t-P:172.27.230.24  Mask:255.255.248.0
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

Disable Autostart

Sometimes you want to disable autostart, because VPN will be switched on through an action.

Edit the openvpn default config file.

user@ubuntu:~$ sudo gedit /etc/default/openvpn

And uncomment the line:

#AUTOSTART="none"