Automatically Start OpenVPN Client on Ubuntu 12.04 CLI: Configuration & Service Setup


2 views

When working with Ubuntu 12.04's headless CLI environment, OpenVPN requires specific configuration to run as a service. Unlike manual execution via sudo openvpn client.ovpn, the service-based approach needs proper file placement and naming conventions.

# Move your configuration with proper naming
sudo cp client.ovpn /etc/openvpn/client.conf

# Set correct permissions
sudo chmod 600 /etc/openvpn/client.conf

Ubuntu 12.04 uses Upstart for service management. Edit the OpenVPN service configuration:

sudo nano /etc/init/openvpn.conf

Ensure it contains these critical parameters:

description     "OpenVPN server"
author          "OpenVPN <info@openvpn.net>"

start on filesystem and net-device-up IFACE=lo
stop on runlevel [!2345]

respawn
respawn limit 10 5

exec openvpn --daemon --config /etc/openvpn/client.conf

After making changes, test the service with:

sudo service openvpn restart
sudo tail -f /var/log/syslog | grep openvpn

Common issues to check:

  • Configuration file must end with .conf extension
  • Client certificate paths must be absolute in the config
  • Enable logging with verb 4 in your .conf file

For automatic startup on boot:

sudo update-rc.d openvpn enable
sudo service openvpn start

For advanced users needing multiple VPN configurations, create separate .conf files in /etc/openvpn and use:

sudo nano /etc/default/openvpn
# Set AUTOSTART="client1 client2"

When you manually run sudo openvpn client.ovpn, you're executing OpenVPN in client mode for that specific configuration file. However, the service openvpn start command looks for configurations in /etc/openvpn following a specific naming convention.

For automatic startup to work:

sudo cp client.ovpn /etc/openvpn/
sudo mv /etc/openvpn/client.ovpn /etc/openvpn/client.conf

The service looks for files ending with .conf by default. Alternatively, you can create a symlink:

sudo ln -s /path/to/client.ovpn /etc/openvpn/client.conf

After placing the configuration file correctly:

sudo update-rc.d openvpn defaults
sudo service openvpn start

Verify it's running with:

ps aux | grep openvpn

If the service still doesn't start:

sudo tail -f /var/log/syslog

Common problems include:

  • Missing authentication credentials in the config file
  • Incorrect file permissions (should be 600 for security)
  • Network interfaces not being ready when service starts

For cases where the service method doesn't work:

sudo crontab -e

Add this line:

@reboot /usr/sbin/openvpn --config /etc/openvpn/client.conf --daemon

Once running, verify your connection:

ifconfig tun0
curl ifconfig.me

You should see your VPN-assigned IP address.