Ensuring that your field devices automatically establish a secure connection to your OpenVPN server upon network availability is crucial for maintaining consistent and secure communications. This guide will walk you through configuring NetworkManager using nmcli to set up an automatic VPN connection for a wired network. Additionally, we’ll cover how to disable this automatic connection and clean up the configuration when necessary.
Importing OpenVPN Configuration via nmcli
After receiving the OpenVPN configuration file (.ovpn) from your system administrator, it’s essential to import and configure it on your device to ensure secure connectivity. This guide will walk you through importing the .ovpn file using nmcli and managing the connection settings as needed.
To import the OpenVPN configuration file into NetworkManager on your device, follow these steps:
1. Install Necessary Plugins: Ensure that the OpenVPN plugin for NetworkManager is installed. On Debian-based systems, execute:
sudo apt-get install network-manager-openvpn
On Red Hat-based systems, use:
sudo apt-get install network-manager-openvpn
2. Import the .ovpn File: Use the nmcli command to import the OpenVPN configuration:
sudo nmcli connection import type openvpn file /path/to/your-config.ovpn
Replace /path/to/your-config.ovpn with the actual path to your .ovpn file. This command imports the VPN configuration into NetworkManager, making it manageable via standard networking tools.
3. Verify the Import: Confirm that the VPN connection has been added:
nmcli connection show
Look for the name of the imported VPN connection in the output.
Managing the VPN Connection
After importing the VPN configuration, you can manage the connection using nmcli commands. For example, to activate the VPN connection:
nmcli connection up "Your_VPN_Connection_Name"
To deactivate the VPN connection:
nmcli connection down "Your_VPN_Connection_Name"
Replace "Your_VPN_Connection_Name" with the actual name of your VPN connection.
By following these steps, you can effectively import and manage your OpenVPN connection using nmcli, ensuring secure and reliable communications tailored to your operational needs.
How to Make Your Devices in the Field Auto-Connect to Your OpenVPN Server?
After importing the OpenVPN configuration, you can configure your device to automatically establish a VPN connection whenever the wired network connection is active. The following steps outline this process for the “Wired Connection 1” profile but it can be applied to any connection.
Configuring Automatic VPN Connection for "Wired Connection 1"
1. Identify Connection Names: List all existing network connections to determine the exact names of your wired and VPN connections:
nmcli connection show
NAME UUID TYPE DEVICE
Wired connection 1 99dee23d-46a3-3364-979e-b6ab4c3584be ethernet enp0s1
Your_VPN_Connection_Name 432e84a6-176a-4016-8000-f77e0efe51a3 vpn --
Look for “Wired Connection 1” under the NAME column and note the name of your VPN connection.
2. Associate the VPN with the Wired Connection: Set your VPN connection to automatically start whenever “Wired Connection 1” is activated:
nmcli connection modify "Wired Connection 1" connection.secondaries "Your_VPN_Connection_Name"
Replace "Your_VPN_Connection_Name" with the actual name of your VPN connection.
3. Enable Autoconnect for Both Connections: Ensure that both the wired connection and the VPN are set to connect automatically:
nmcli connection modify "Wired Connection 1" connection.autoconnect yes
nmcli connection modify "Your_VPN_Connection_Name" connection.autoconnect yes
4. Restart NetworkManager: Apply the changes by restarting the NetworkManager service:
sudo systemctl restart NetworkManager
With these configurations, your device will automatically establish a VPN connection whenever “Wired Connection 1” is active, ensuring secure communications in the field.
Disabling the Automatic VPN Connection and Configuration Cleanup
If you need to disable the automatic VPN connection and clean up the associated configurations, follow these steps:
1. Remove the VPN Association: Disassociate the VPN from “Wired Connection 1”:
nmcli connection modify "Wired Connection 1" connection.secondaries ""
2. Disable Autoconnect for the VPN Connection: Prevent the VPN from connecting automatically:
nmcli connection modify "Your_VPN_Connection_Name" connection.autoconnect no
3. Restart NetworkManager: Apply the changes by restarting the NetworkManager service:
sudo systemctl restart NetworkManager
By performing these steps, the VPN will no longer automatically connect when “Wired Connection 1” is established, giving you manual control over VPN connections.
Disabling the Automatic VPN Connection and Configuration Cleanup
To verify the current active connections and ensure that the configurations have been applied correctly, use:
nmcli connection show --active
This command will display all active connections, allowing you to confirm that only the desired connections are running.
By following this guide, you can effectively manage the automatic connection of your field devices to your OpenVPN server, ensuring secure and reliable communications tailored to your operational needs.
