How to keep OpenVPN in systemctl always connected when the internet is disconnected or the IP address is changed from the ISP will prevent this from happening

In this case, let's say you have OpenVPN set up on Ubuntu and the VPN unexpectedly disconnects before and after you leave home, resulting in inaccessible websites. There's a way to fix this and prevent VPN disconnections caused by various factors, such as: disconnecting the internet cable, Wi-Fi, and IP changes from your ISP. This method will help, but you'll need to create a Linux shell script to check for VPN disconnections, reconnect, and ensure consistent operation if necessary.

To ensure OpenVPN has systemd installed, if it's not already there, keep the OpenVPN Client and systemd updated.

Steps:

1. Install the OpenVPN client on Ubuntu/Debian, and always install and update systemd/systemctl to ensure continuous VPN operation in the background.

2. To run OpenVPN with systemd/systemctl, create: [example name: client] to activate.

# Copy the .ovpn file to the OpenVPN config directory
sudo cp /path/to/client1.ovpn /etc/openvpn/client/client1.conf
# Note: systemd expects .conf extension, not .ovpn

# Set restrictive permissions (it contains private keys)
sudo chmod 600 /etc/openvpn/client/client1.conf

# Enable and start the service
# The service name is openvpn-client@[config-name-without-extension]
sudo systemctl enable openvpn-client@client1
sudo systemctl start openvpn-client@client1

# Check status
sudo systemctl status openvpn-client@client1

3. Add "Restart=always" to the systemd/systemctl [openvpn-client] file. Stop the VPN before editing: "nano /usr/lib/systemd/system/openvpn-client@.service", save with "ctrl + o", and exit. After saving, reload the daemon with the command "systemctl daemon-reload".

Adding "Restart=always" prevents OpenVPN in systemd from crashing unnecessarily and avoids redirecting the internet connection to the ISP after losing internet connection to the VPN.

If you want to switch to a new VPN, stop the script in crontab, stop systemd (OpenVPN client), and follow step 1.

4. Several reasons can cause this, such as: disconnecting the internet cable, Wi-Fi, and changing IP addresses from your ISP. To avoid being disconnected from the internet via VPN, create a Linux script shell to check the VPN access status and resolve issues related to VPN internet connection disconnections.

Create a .sh file, copy and paste the script into it, and save the file as follows:

#If connecting via Ethernet and Wi-Fi, change the interface, for example: enp6s0

if nmcli connection show --active | grep "enp6s0" > /dev/null 
then
  if ping -c 1 8.8.8.8 > /dev/null
  then
  exit 0
  else
   systemctl restart openvpn-client@client.service > /dev/null
 fi
 else
  exit 0
fi

*After creating the "sh" script file, make the script executable.*
Run: chmod +x [filename].sh

Note: DNS 8.8.8.8 checks whether an IP address can access the internet via the VPN. If available or unavailable, it resolves these issues to maintain a consistently working VPN connection.

5. Configure crontab to make the script check VPN access and fix the internet connection drop for 1 minute before reconnecting online.

That's all. OpenVPN can now maintain a constant VPN connection. No further action is required. Wait for the script to complete for 1 minute before reconnecting to the VPN again if internet access is lost. This will definitely help.

If you want to switch to a new VPN, stop the script in crontab, stop systemd (OpenVPN client), and follow step 1.

Comments

Post a Comment

Popular posts from this blog

Updated May 20, 2026: Install DDoS Deflate on Ubuntu/Debian to protect devices and reduce internet resource consumption.

DDoS Deflate is a GitHub repository developed by @jgmdev (Jefferson González) - founded 5 years ago, repository age 7 years or longer. DDoS Deflate is now available on Ubuntu/Debian from GitHub @jgmdev, completely free of charge and without any subscription. Provides long-term DDoS protection anywhere! What is DDoS Deflate used for? It protects devices from high internet resource usage by attackers who often randomly guess IP addresses and manipulate website browsing speeds. To use DDoS Deflate as a firewall and avoid conflicts with iptables, using ufw might cause problems. Choosing FirewallD will not cause any issues. DDoS deflate protection is definitely possible with software installed on Ubuntu/Debian. Using a firewall in conjunction can provide even better protection on public, office, and home Wi-Fi networks. Alternatively, use a 4G LTE router, making sure the firewall is enabled. As mentioned regarding DDoS Deflate; for more information on its features, visit: https://github.com...
Read more

[Full Step-by-Step Guide] How to share OpenVPN from a TP-Link router to an Ubuntu Server and enable IPTable Forwarding to share a VPN connection with multiple devices without configuring or redirecting an HTTP Proxy (for implementation). - Things you should understand beforehand.

Image
After trying a VPN, my IP address changed. If you're using a foreign VPN, you can choose one from the VPNGate website or search for IPSpeed OpenVPN on Google Search. How to configure an OpenVPN client on a TP-Link router and the steps to enable IP forwarding on an Ubuntu server after completion. Note: VPN Client configuration is only functional on devices during setup on a TP-Link router. For sharing on multiple devices, you will need an Ubuntu Server to enable IP forwarding, which requires configuring IPTables. If you are using Squid Proxy with a VPN accessed from a TP-Link router, you can configure and enable an HTTP Proxy if necessary. Edit the interface and change one of the HTTP Proxy transmission modes. An HTTP proxy handles the exchange of information regarding the device or server address, and then forwards it from the device to access the internet. This is useful if multiple devices are sharing a proxy, but it's not complicated. For IPTables, if an HTTP proxy is not ne...
Read more