How to Terminate OpenVPN Connection via Command Line in Windows


10 views

When working with OpenVPN in Windows environments, you may need to terminate the VPN connection programmatically. Here's the most reliable method:

taskkill /F /IM openvpn.exe

For more controlled disconnection or specific use cases:

# Graceful termination with config file
openvpn --config client.ovpn --verb 0 --down "echo Disconnecting" --down-pre

Create a reusable disconnect script (disconnect_vpn.bat):

@echo off
setlocal
echo Attempting to disconnect OpenVPN...

:: Check if OpenVPN is running
tasklist | find /i "openvpn.exe" >nul 2>&1
if %ERRORLEVEL% equ 0 (
    taskkill /F /IM openvpn.exe
    echo OpenVPN successfully terminated
) else (
    echo No OpenVPN process found
)

endlocal

For system administrators managing multiple machines:

# PowerShell script to monitor and disconnect
Get-Process -Name openvpn* -ErrorAction SilentlyContinue | 
Stop-Process -Force -PassThru |
ForEach-Object { Write-Host "Terminated process ID: $($_.Id)" }

If the standard methods don't work:

  • Check for hung processes: tasklist /FI "IMAGENAME eq openvpn.exe"
  • Verify TAP adapter status: netsh interface show interface
  • Clear DNS cache: ipconfig /flushdns

When working with OpenVPN on Windows, many administrators prefer command-line operations for automation and scripting purposes. While connecting via CLI is straightforward, disconnecting requires specific knowledge of OpenVPN's interface.

The most reliable way to disconnect is through OpenVPN's built-in management interface. First, you need to start OpenVPN with the management interface enabled:

openvpn.exe --config your_config.ovpn --management 127.0.0.1 1194 --management-query-passwords

Once connected, you can send the shutdown command:

echo "signal SIGTERM" | nc 127.0.0.1 1194

For quick disconnection without the management interface, you can terminate the OpenVPN process:

taskkill /IM openvpn.exe /F

Note this is less graceful and might not properly clean up network routes.

Here's a complete batch script example that handles both connection and disconnection:

@echo off
SET CONFIG_PATH="C:\Program Files\OpenVPN\config\your_config.ovpn"
SET MGMT_PORT=1194

:MAIN_MENU
cls
echo OpenVPN Control Panel
echo 1. Connect
echo 2. Disconnect
echo 3. Exit
set /p choice="Enter your choice: "

if "%choice%"=="1" goto CONNECT
if "%choice%"=="2" goto DISCONNECT
if "%choice%"=="3" exit

:CONNECT
start "OpenVPN" /MIN "C:\Program Files\OpenVPN\bin\openvpn.exe" --config %CONFIG_PATH% --management 127.0.0.1 %MGMT_PORT%
goto MAIN_MENU

:DISCONNECT
echo signal SIGTERM | nc 127.0.0.1 %MGMT_PORT%
timeout /t 2 >nul
taskkill /IM openvpn.exe /F >nul 2>&1
goto MAIN_MENU

For more robust control, consider this PowerShell script:

function Disconnect-OpenVPN {
    param (
        [int]$ManagementPort = 1194
    )
    
    try {
        $client = New-Object System.Net.Sockets.TcpClient("127.0.0.1", $ManagementPort)
        $stream = $client.GetStream()
        $writer = New-Object System.IO.StreamWriter($stream)
        $writer.WriteLine("signal SIGTERM")
        $writer.Flush()
        $client.Close()
    }
    catch {
        Write-Warning "Failed to send graceful shutdown signal"
        Get-Process openvpn | Stop-Process -Force
    }
}

Remember that:

  • Management interface requires proper authentication if configured
  • Hard termination (taskkill) may leave residual network configurations
  • Port 1194 is default but may differ in your setup
  • Some corporate environments may block raw TCP connections