Can "up" option be used for detecting e2e connection establishment?

Posted: Wed Mar 30, 2022 2:55 am
by hitochan777
Hi everyone.
I am trying to detect whether an OpenVPN connection is established on the client side and notify another application that is running on the same machine.
I checked several posts on this forum and found that using the --up option may be a good approach.

According to the reference (https://openvpn.net/community-resources ... envpn-2-4/),
the --up option is used to "Run command cmd after successful TUN/TAP device open".
Does a successful TUN/TAP device open mean that an end-to-end connection over OpenVPN is established?
Or might it be the case that it does not necessarily mean the connection is not established?

Re: Can "up" option be used for detecting e2e connection establishment?

Posted: Wed Mar 30, 2022 11:41 am
by TinCanTech
In this case, the VPN itself is not ready to pass data but everything else is ready.

Once the --up script completes then, for security reasons, the VPN will pass data.

Some people claim they can get data over the VPN before the --up completes ..

Re: Can "up" option be used for detecting e2e connection establishment?

Posted: Wed Mar 30, 2022 12:34 pm
by hitochan777
Thank you for your reply.

> In this case, the VPN itself is not ready to pass data but everything else is ready.

So do you mean that when the --up script is run, it does not guarantee that data can be passed over the VPN?
If so, what about --up-delay? The reference says it delays "--up script execution until after TCP/UDP connection establishment with peer".

Re: Can "up" option be used for detecting e2e connection establishment?

Posted: Wed Mar 30, 2022 1:32 pm
by TinCanTech
I am told that the VPN will not pass data until all scripts complete, as it says in the manual.

Some people believe they can get around it ..

Try it for yourself.

Re: Can "up" option be used for detecting e2e connection establishment?

Posted: Wed Mar 30, 2022 2:07 pm
by hitochan777
I confirmed that I cannot pass data inside the --up script or inside the --route-up script.
But I think the fact that "the VPN itself is not ready to pass data but everything else is ready" when the --up script is run is already enough for my use case.
Thank you so much for your help.
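
The approach discussed in this thread, as an added example that is not code from any poster or from the OpenVPN project: a hook for --up and --down that records the tunnel state for another local application and, because the thread reports that data does not pass while the hook runs, leaves any reachability check to that application. The state file path, the hook path and the record format are assumptions.

```shell
#!/bin/sh
# Added example: hook for OpenVPN's --up and --down options. Client config:
#   script-security 2
#   up   /etc/openvpn/notify-hook.sh   # hook path is an assumption
#   down /etc/openvpn/notify-hook.sh
# OpenVPN passes script_type, dev and ifconfig_local in the environment.

# Hypothetical file that the other local application watches.
STATE_FILE="${STATE_FILE:-/run/openvpn-notify/state}"

write_state() {
    # $1 = state keyword. Write a temp file in the same directory, then
    # rename it, so the watcher never reads a half-written record.
    dir=$(dirname "$STATE_FILE")
    tmp=$(mktemp "$dir/.state.XXXXXX") || return 1
    printf 'state=%s\ndev=%s\nlocal_ip=%s\n' \
        "$1" "${dev:-}" "${ifconfig_local:-}" > "$tmp"
    chmod 0644 "$tmp"   # readable by the watcher; the record holds no secrets
    mv -f "$tmp" "$STATE_FILE"
}

handle_hook() {
    # The values arrive via the environment and end up in a file another
    # program parses, so accept only the expected character sets.
    case "${dev:-}" in ''|*[!A-Za-z0-9_.-]*) return 2 ;; esac
    case "${ifconfig_local:-}" in *[!0-9A-Fa-f:.]*) return 2 ;; esac
    case "${script_type:-}" in
        # "tunnel-open" means the TUN/TAP device is open, nothing more.
        # Do not probe the peer from here; let the watcher do that later.
        up)   write_state tunnel-open ;;
        down) write_state tunnel-closed ;;
        *)    return 3 ;;
    esac
}

# Runs only when script_type is set, i.e. when OpenVPN invokes the hook.
# Design choice: a failed notification is logged, not returned as an error.
if [ -n "${script_type:-}" ]; then
    handle_hook || echo "notify-hook: state not written" >&2
fi
```

The watching application should treat `tunnel-open` as "device ready" and confirm end-to-end reachability itself before relying on the tunnel.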