Managing OpenVPN connection via nmcli: A Comprehensive Guide

Managing OpenVPN via nmcli provides a streamlined, scriptable alternative to manual configuration, particularly in CLI-only environments. This guide covers importing configurations, securing credentials, and managing routing using NetworkManager.

Importing the Configuration

To import an existing .ovpn profile into NetworkManager, use the following command:

nmcli connection import type openvpn file /path/to/your/config.ovpn

Note: Ensure the network-manager-openvpn plugin is installed on your system.

Configuring Credentials

If the VPN requires authentication, inject the username and password directly into the connection profile:

# Set the username
nmcli connection modify "<connection_name>" vpn.data "username=your_username"

# Set the password
nmcli connection modify "<connection_name>" vpn.secrets "password=your_password"

Enter your command following a space to ensure it is not recorded in the history.

you can also choose to type credentials and password every time you want to connect.

Fixing Internet Connectivity (Routing Control)

By default, an OpenVPN connection may set itself as the system’s default gateway, which can prevent access to the regular internet. To prevent this and only route specific traffic through the tunnel, set ipv4.never-default to yes:

# Disable the default route
nmcli connection modify "<connection_name>" ipv4.never-default yes

# Restart the connection to apply changes
nmcli connection down "<connection_name>"
nmcli connection up "<connection_name>"

Conclusion

Using nmcli to manage OpenVPN connections provides a powerful and flexible way to handle VPN configurations in a CLI environment. Happy networking!

This blog post is licensed under CC BY-SA 4.0