Ahmadi3D_Ali wrote: ↑Sat Aug 14, 2021 7:11 pm
Danran wrote: ↑Fri Aug 13, 2021 3:55 am
I dont know how to edit a post, so I'm posting the proper command to enable on boot and after disconnect for openvpn3 here.
Code: Select all
systemctl enable openvpn3-autoload.service
Nice solution, this solves the issue of having no internet but it seems open vpn doesnt try to reconnect, meaning the ip is exposed, i think we need one more config so now open vpn tries to reconnect infinitly.
If you do not have this problem, maybe u can share you open vpn config so i can try it with yours, thank you.
Sure! If I understand you correctly, I DO NOT have this problem. Openvpn3 connects at boot, and then if the internet (or ethernet cable is disconnected), it automatically reconnects to the vpn as soon as the internet cable is plugged back in. My final Configuration for openvpn3 that accomplishes exactly this, is posted below. I also got some help directly on github from the openvpn3 developer, so i'm fairly certin my openvpn configuration is solid, as well as secure. Below are the steps I took to get this all working with openvpn3.
On my vpn Access Server, my additional "Server Config Directives" are as follows:
Code: Select all
resolv-retry infinite
persist-key
persist-tun
keepalive 10 120
explicit-exit-notify 1
push "keepalive 10 120"
On my vpn client, my
file is located in
Code: Select all
/etc/openvpn3/autoload/myovpn3.conf
, and it looks like this (without the keys & certs):
Code: Select all
client
proto udp
nobind
remote 123.45.678.910
port 1194
dev tun
dev-type tun
remote-cert-tls server
tls-version-min 1.2
reneg-sec 604800
auth-user-pass
verb 3
push-peer-info
resolv-retry infinite
persist-key
persist-tun
keepalive 10 120
Also, on my vpn client, my
file is located at
Code: Select all
/etc/openvpn3/autoload/myovpn3.autoload
, and it looks like this (note: do not delete any parenthesis, but rather just fill in the blanks):
Code: Select all
{
"autostart": true,
"name": "TheNameOfMyVpn3",
"acl": {
"set-owner": "My-Linux-Username"
},
"tunnel": {
"ipv6": "no",
"persist": true,
"dns-fallback": "google",
"dns-setup-disabled": false
},
"user-auth": {
"username": "MyVpn3UserNameHere",
"password": "MyVpn3PasswordHere"
}
}
I have also done a
Code: Select all
sudo chmod 644 /etc/openvpn3/autoload/myovpn3.conf
and a
Code: Select all
sudo chmod 644 /etc/openvpn3/autoload/myovpn3.autoload
to make permissions more restrictive, but not so much that openvpn3 cannot read the files without being root.
Finally, after all of my config files are perfectly formatted and checked over, I run the command
Code: Select all
sudo systemctl enable openvpn3-autoload.service
and then reboot my linux box. Upon reboot, you should automatically be connected to your openvpn server. You can check your ip by running the command
. After disconnecting the ethernet cable and wifi, your clients vpn (and internet connection in general) will go down and disconnect. Once you reconnect your linux box to the internet via ethernet cable of wifi, your vpn client should automatically reconnect to the vpn without any user interaction what so ever. It does on mine at least.
Let me know if you still have issues, but I hope this helps!
Danran
https://nerd-tech.net