Book Creator
 Add this page to your book
Book Creator
 Remove this page from your book  

 Manage book(0 page(s))
 Help

OpenVPN

Start OpenVPN at startup with systemd

  1. Move the .ovpn file to /etc/openvpn/. Choose the <name-of-connection> carefully, the name is required to select the connection via systemd. 
    mv <config-file>.ovpn /etc/openvpn/<name-of-connection>.conf
  2. Reload the daemon: 
    systemctl daemon-reload
  3. Start the connection: 
    systemctl start openvpn@<name-of-connection>
  4. Verify that everything worked correctly: 
    systemctl status openvpn@<name-of-connection>

    If it says running and no errors are displayed, everything was successful. If it says cipher not allowed check the following paragraph.

  5. Enable it with: 
    systemctl enable openvpn@<name-of-connection>
  6. To later disable the automatic start of the connection use: 
    systemctl disable openvpn@<name-of-connection>

Sourced from smarthomebeginner.com - OpenVPN autostart

Cipher Error

This issue only exists when the CLI-client is OpenVPN v2.6+ while the corresponding server isn't yet on this state.
  1. If there are the following lines in the console output of the connection: 
    Error: negotiated cipher not allowed - AES-256-CBC not in AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
OPTIONS ERROR: failed to import crypto options
Failed to open tun/tap interface
  2. Edit your config file. (Maybe under /etc/openvpn/) It's required to change the line that contains cipher. Edit cipher to data-ciphers. It should then look like this:
    data-ciphers AES-256-CBC
  3. Finally restart your connection.

Partially sourced from forums.openvpn.net - Cipher not allowed

  • linux/linux-tutorials/ovpn.txt
  • Last modified: 2024/04/17 18:38
  • by Zyzonix