[HOWTO] - Launch a VPN client "On-demand" as a background process

  • Description


    The purpose of this guide is to be able to launch a VPN client configuration file as a background process when we want, not necessarely at boot. So let say I want to download a torrent and would like to connect to a VPN server before starting the download, and stop the process when the download is finished (after seeding 2x minimum...obviously ;) ). In my case, I'm using a ProtonVPN client configuration file that I will modify so I can automatically login the server without a prompt from a terminal. But it could work with any client configuration.


    Steps


    1. Create a Shared Folder where you're planning to put the OpenVPN client config file ;
    2. Create a temporary SMB/CIFS or FTP to be able to access the share ;
    3. Give a user a proper access permission to write files in the share ;
    4. Place the client config file in the share (protonvpn_is-nl.ovpn in my case), change the extension to ".conf" (it seems to be prefereable for OpenVPN)
    5. Create a text file where you'll put the Username and the password to access the VPN server, I name the file pass.txt :


    Code
    username
    password


    6. You will now have the find the server share path where those files are on the server, on OMV 3.X it would be :
    /srv/dev-disk-by-label-label-device_label/share_name/
    In my case a created a share name protonvpn in the data device so it would look like this :
    /srv/dev-disk-by-label-data/protonvpn/
    7. Open the client config file with a text editor and change the line auth-user-pass to :


    Code
    auth-user-pass /srv/dev-disk-by-label-device_label/share_name/pass.txt

    8. Install the OMVEXTRA plugin for OMV 3.X if you haven't done so ;
    9. Install the OpenVPN plugin, we won't be using the plugin from OMV WebUI, but we need it to run a client (By the way, it would be nice to have a "client" tab in the plugin to configure a client from OMV!);
    10. Create a Scheduled Job to start the client on-demand, I set it to lauch yearly, as root, the following command :


    Code
    openvpn --config /srv/dev-disk-by-label-device_label/share_name/conf_file.conf --daemon

    11. Create a Scheduled Job to stop the client on-demand, I set it to launch yearly, as root, the following command :


    Code
    killall -SIGINT openvpn

    12. Create a Scheduled Job the check the public IP after starting the client, yearly, as root, the following command :

    Code
    wget -qO- http://ipecho.net/plain ; echo

    13. You can now delete the SMB/CIFS or FTP share


    Done!


    Conclusion


    You can now use the Schedule Jobs to run/stop the client in the background as you wish! Check the public IP to make sure you are connected to the VPN server!

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!