OpenVPN configuration file
Learn how to compose an .ovpn file from the UserAPI responses
This article is valid for OpenVPN 2.4
To compose a valid .ovpn file, you should make a call to the UserAPI and use several field values from the response. Specifically: GET /user/provide
Please make sure to use a proper "protocol" parameter value (the one you actually are going to use for the VPN connection)
Minimal requirements
Option | Values | Description |
client |
| Defines that we want to configure an OpenVPN client, not a server |
dev |
| Defines virtual device we are going to use (tun devices encapsulate IPv4 or IPv6 (OSI Layer 3) while tap devices encapsulate Ethernet 802.3 (OSI Layer 2) |
proto |
| Defines a network protocol to use |
remote |
| Defines a server address and a port to connect. The value for this option should be taken from the servers.address and server.port fields of the API response. |
auth-user-pass | - | Should have a file name as a value. The file itself should contain the username and the password in that exact order, on separate lines. The actual values should be taken from the respective API response fields. If the file is omitted, username/password are going to be prompted from the console. |
<ca></ca> | - | Should include a security certificate from the API response field openvpn-tcp / openvpn-udp |
According to the OpenVPN man page, it is impossible to inline username and password directly in the configuration file
Additional options can be used for fine-tuning:
tun-mtu,
tun-mtu-extra,
ping,
cipher,
auth
More information on those and other options can be found in the official OpenVPN documentation.
Last updated