HomeConsole

OpenVPN configuration file

Learn how to compose an .ovpn file from the UserAPI responses

This article is valid for OpenVPN 2.4

To compose a valid .ovpn file, you should make a call to the UserAPI and use several field values from the response. Specifically: GET /user/provide

Please make sure to use a proper "protocol" parameter value (the one you actually are going to use for the VPN connection)

Minimal requirements

client
dev tun
proto tcp-client
remote 0.0.0.0 443
auth-user-pass passfile.txt
<ca>
</ca>

Option

Values

Description

client

  • client

  • server

Defines that we want to configure an OpenVPN client, not a server

dev

  • tun

  • tap

Defines virtual device we are going to use (tun devices encapsulate IPv4 or IPv6 (OSI Layer 3) while tap devices encapsulate Ethernet 802.3 (OSI Layer 2)

proto

  • tcp-client

  • tcp-server

  • udp

Defines a network protocol to use

remote

  • IP

  • server-name

Defines a server address and a port to connect. The value for this option should be taken from the servers.address and server.port fields of the API response.

auth-user-pass

-

Should have a file name as a value. The file itself should contain the username and the password in that exact order, on separate lines. The actual values should be taken from the respective API response fields.

If the file is omitted, username/password are going to be prompted from the console.

<ca></ca>

-

Should include a security certificate from the API response field openvpn-tcp / openvpn-udp

According to the OpenVPN man page, it is impossible to inline username and password directly in the configuration file

Additional options can be used for fine-tuning:

  • tun-mtu,

  • tun-mtu-extra,

  • ping,

  • cipher,

  • auth

More information on those and other options can be found in the official OpenVPN documentation.

PreviousHydra VPN SDK demo for OpenWRTNextUse cases

Last updated