Configuring NetworkManager for an openvpn connection from the cli

Has anyone successfully configured an openvpn connection in NetworkManager from the cli?

I can import the ovpn file into NetworkManager but I can’t find any documentation on how to deal with a vpn which requires a username and password.

I am on a headless server and can’t enter them interactively.

3 Likes
sudo nmcli connection import type openvpn file /path/to/vpn.ovpn
sudo -e /etc/NetworkManager/system-connections/vpn.nmconnection
...

[vpn]
cert-pass-flags=0
connection-type=password-tls
password-flags=0
username=USERNAME

[vpn-secrets]
cert-pass=PRIVATE_KEY_PASSWORD
password=PASSWORD

...

sudo nmcli connection reload
sudo restorecon -R /root
2 Likes

I don’t and havn’t tried it, but I’m intested in the product, so I visited the page and consuted the FAQ.

echo  "IHREN BENUTZERNAMEN ÄNDERN"  >> /etc/openvpn/credentials
echo "ÄNDERN SIE IHR KENNWORT" >> /etc/openvpn/credentials

Support can be found here: I’m on a Fedora system. Can I use OVPN? | OVPN.com

Thanks! That worked.

I have two questions.

Most importantly, do you know how to make it autoconnect? I set connection.autoconnect to yes but that doesn’t seem to cause it to autoconnect on boot. When I bring it up manually with nmcli connection up it works fine. I had to set connection.secondaries to be the uuid of the vpn connection.

Less importantly, why is sudo restorecon -R /root needed? What is changing that needs its context restored? Nevermind, it is probably for the certs that are stored under /root.

EDIT: I guess I don’t have any questions. :nerd_face:

1 Like

Thanks for the assistance but that is for using the openvpn client directly, not NetworkManager.

I used wicked before, I’m not familiar with nmcli. I occasionally use nmtui. So far, that was clear to me: Isn’t a 100% match to your question.
I don’t understand why you marked it as solution?

1 Like

That was a mistake, sorry about that.

Juup.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.