Opened 6 years ago
Closed 16 months ago
#1058 closed Feature Wish (fixed)
Autoconnect and control through GUI are mutually exclusive. (Windows.)
| Reported by: | JN456# | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | release 2.6 |
| Component: | Windows GUI | Version: | OpenVPN 2.4.5 (Community Ed) |
| Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
| Cc: | Selva Nair |
Description
When on Windows I use the GUI to start OpenVPN at startup, then
(1) the interface starts but the VPN has to be enabled via clicking in menus.
Now, I can get the vpn to go up by creating a scheduled task that does this, on boot:
"C:\Program Files\OpenVPN\bin\openvpn-gui.exe" --connect "<my conf file>.ovpn"
Yet, if I do that, then, while the VPN connects at start, then
(2a) the GUI does not show the VPN as on
and, moreover,
(2b) if I tell the GUI to 'connect', it generates an error about not being able to connect to the management interface. Or at least that happens after I recently updated OpenVPN.
Might I add the following? It was awkward enough having to use the task scheduler workaround - one should not have to resort to the (in itself fragile, and also ungainly) task scheduler; and, now, even that workaround does not work properly.
PS: I may have the version numbers - below - wrong. For, there's one version number for the GUI, I think, and another for the backend . . Anyhow, my OpenVPN log reports this: OpenVPN 2.4.5 x86_64-w64-mingw32; and I'm on Windows 8.1 Pro x64.
Change History (10)
comment:1 Changed 6 years ago by
comment:2 Changed 6 years ago by
| Cc: | Selva Nair added |
|---|---|
| Component: | Generic / unclassified → Windows GUI |
| Milestone: | release 2.4.5 |
| Owner: | set to Heiko Hund |
| Type: | Bug / Defect → Feature Wish |
For "autostart things at boot", there's the OpenVPN service.
Arguably it is not documented very well, and the GUI won't show (I think) sessions started by the service, but that's what we have for this task.
comment:3 Changed 6 years ago by
| Owner: | Heiko Hund deleted |
|---|---|
| Status: | new → assigned |
comment:4 Changed 6 years ago by
OpenVPN GUI cannot do this [*]. I suggest to use OpenVPNService (not enabled by default) to start the connection at boot and then use OpenVPN-MI-GUI to control it (see http://openvpn-mi-gui.inside-security.de/ for a howto). Its probably not actively maintained. There are some caveates like the management interface is left open so anyone with physical access to the machine could access it etc.
I want to make OpenVPN-GUI control such prestarted instances --- we do have a version we use locally, but outdated now and no free time to revive it.
[*] There are some hacks like use an auto-logon task that logs in as user, starts the GUI, and locks the screen etc., but I'd avoid it.
comment:5 Changed 6 years ago by
@Selva, do we have a complete documentation on the OpenVPNService somewhere? Like, where exactly does it look for config files, how do they need to be named (.ovpn? .conf? "does not matter, all files in that directory"?)
I tried to find something and came up empty - lots of google hits for "how to turn on a service", but nothing about "... and this is what will happen afterwards". Meh.
comment:6 Changed 6 years ago by
No, I don't have any docs on the legacy service or its .NET replacement.
Its settings are determined by the following registry keys all of which have reasonable defaults as installed:
exe_path -- which executable to start (install-path\bin\openvpn.exe by default)
config_ext -- extension of config files (.ovpn by default)
config_dir -- where configs live (this directory and its immediate subdirectories are scanned).
-- This also becomes the working directory for openvpn.exe
(install-path\config by default)
log_dir -- where to create log files (install-path\log\ by default)
log_append -- append to log or not (0 by default)
priority -- for openvpn.exe process (NORMAL by default)
So a simple instruction would be to name the config with extension .ovpn and copy it to install-path\config or one of its subdirectories. Then set the OpenVPNService to start automatically and start it:
sc config OpenVPNService start= auto sc start OpenVPNService
Note: the above commands should be run from an elevated command prompt and the space after start= is required.
comment:7 Changed 16 months ago by
I think this is something where 2.6 will bring nice improvements, with the GUI being able to control service-controlled configs as well. Right?
comment:8 Changed 16 months ago by
Yes :) Keep connection profiles (config files) that should be started at boot in confog-auto folder and have OpenVPNService running as before. Then when GUI is started it will show those connections under a sub-menu: Persistent connections.
As always, the GUI requires uniquely named config files, so if there is a one with teh same name in global or user config folder it will mask the one in config-auto. Always use unique config file names.
comment:9 Changed 16 months ago by
| Milestone: | → release 2.6 |
|---|
Very nice :-) - closing this, with milestone set to 2.6
Happy Christmas to you all!
comment:10 Changed 16 months ago by
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Maybe I should then actually close the ticket, not just claim so :-)
CC
Also, you cannot start the GUI at boot .. start it at user login.