What are the commands to start/stop/restart the openvpn client service via ssh? If I have multiple configurations, can I select one of these when starting the client?
/etc/init.d/openvpn restart will restart all OpenVPNs on the system.
I am not aware of a way to start/stop individual connections. ifup/down doesn’t seem to do what you would expect.
you could write wrapper scripts:
openvpn-client1-disable:
mv /etc/openvpn/client1.conf /etc/openvpn/client1.conf.bak
/etc/init.d/openvpn restart
openvpn-client1-enable:
mv /etc/openvpn/client1.conf.bak /etc/openvpn/client1.conf
/etc/init.d/openvpn restart
this is just the very basic, you could write a better script but this should already work.
What about a script that changes the values in the /etc/config/openvpn? enable or disable the desired setting block.
if you’ve created the OpenVPN clients in /etc/config/openvpn, then just use UCI via the CLI:
uci show openvpn | grep enabled
uci set openvpn.myvpn0.enabled=0
uci set openvpn.myvpn1.enabled=1
uci commit
/etc/init.d/openvpn restart
Actually, the above half-assumes that your config file looks like the following (this is a server config, but you get the idea):
uci set openvpn.myvpn=openvpn
uci set openvpn.myvpn.enabled=1
uci set openvpn.myvpn.verb=3
uci set openvpn.myvpn.port=1194
uci set openvpn.myvpn.proto=udp
uci set openvpn.myvpn.dev=tun
uci set openvpn.myvpn.server=‘10.8.0.0 255.255.255.0’
uci set openvpn.myvpn.keepalive=‘10 120’
uci set openvpn.myvpn.ca=/etc/openvpn/ca.crt
uci set openvpn.myvpn.cert=/etc/openvpn/my-server.crt
uci set openvpn.myvpn.key=/etc/openvpn/my-server.key
uci set openvpn.myvpn.dh=/etc/openvpn/dh2048.pem
…
But you could have (note the 0):
uci set openvpn.myvpn=openvpn
uci set openvpn.myvpn.enabled=1
uci set openvpn.myvpn.config=/etc/openvpn/my-vpn0.conf
Which would then let you (note the 1):
uci set openvpn.myvpn.config=/etc/openvpn/my-vpn1.conf
uci commit
/etc/init.d/openvpn restart
OpenVPN is a full-included SSL VPN which actualizes OSI layer 2 or 3 secure system augmentation utilizing the business standard SSL/TLS convention, underpins adaptable customer confirmation strategies in light of authentications, keen cards, and additionally username/secret key certifications, and permits client or gathering particular access control approaches utilizing firewall rules connected to the VPN virtual interface. OpenVPN isn’t a web application intermediary and does not work through a web program.
OpenVPN 2.0 develops the capacities of OpenVPN 1.x by offering a versatile customer/server mode, enabling different customers to associate with a solitary OpenVPN server process over a solitary TCP or UDP port. OpenVPN 2.3 incorporates countless, including full IPv6 support and PolarSSL bolster.