Today we are going to learn how to install openvpn3 client on Ubuntu 20.04 using the command line. For those who don’t know, the client is what connects to your openvpn service provider and tunnels its connection out to your openvpn service provider.
In this tutorial we will take the following steps to complete this task:
- Add openvpn3 repository to your apt sources.list to get automatic updates.
- Install the OpenVPN3 repository signing key
- Install OpenVPN3
- Download and modify your my-openvpn-client-config-file.ovpn to work with openvpn3
- Create a simple yet secure and useful my-openvpn3-client-config-file.autoload file to automatically load openvpn3 at boot time and start up.
- Create a simple yet secure and useful my-openvpn3-client-config.file.autoload file to automatically reconnect openvpn after it unexpectedly disconnects.
- Enable openvpn3 permanantely to connect on boot and after any unexpected disconnects.
Open open up your terminal and run the following command to add openvpn3 to your apt repository…
sudo nano /etc/apt/sources.list.d/openvpn3.list
Your nano text editor will open up and your terminal should be blank. Then you must copy and paste the following lines into your nano editor:
# OpenVPN3 Official Apt Repository for openvpn3.
deb https://swupdate.openvpn.net/community/openvpn3/repos focal main
Once you have pasted the text into your nano text editor (using the terminal), you can save and exit by typing “Control-X“, then hit “y” for the save option, then hit “Enter” to save and exit nano.
Ensure your apt supports the https transport by installing
apt-transport-https. Then install the OpenVPN3 repository signing key used by the openVPN 3 Linux packages. You can do all of this by running the following commands:
sudo apt install apt-transport-https && wget https://swupdate.openvpn.net/repos/openvpn-repo-pkg-key.pub && sudo apt-key add openvpn-repo-pkg-key.pub
Now, you can install your openvpn3 package with the following command:
sudo apt update && sudo apt install openvpn3
Now, navigate to
Download your openvpn.ovpn configuration file from your vpn service provider and open it with a text editor. Then add the following to its configuration with each option on its own seperate line:
keepalive 10 120
Now, copy all of the text in your openvpn.ovpn file that you downloaded and edited, and paste it into a new file called “myvpn3client.conf” located in the /etc/openvpn3/autoload directory, using nano.
sudo nano /etc/openvpn3/autoload/myvpn3client.conf
Type ctrl+x, y, then Enter, to save your file.
Now, create your autoload file by openining up your nano editor with the following command:
cd /etc/openvpn3/autoload && sudo nano myvpn3client.autoload
Copy and paste the following text into the currently opened “myvpn3client.autoload” file with your nano editor.
Fill in “my_ubuntu_username” “my_vpn_username” and “my_vpn_password” with your corresponding information. DO NOT DELETE THE QUOTES! Leave them. Your username should be the name that you registered when you set up your ubuntu installation. It should also be noted in your terminal on the left next to your computer’s hostname i.e. mrubuntu@mrubuntusdesktop.
Once you have finished filling in the blanks inside the quotes, press “control-X“, then “y” to save, and hit “Enter” to exit out of nano with a newly saved .autoload file.
Now, lets secure the permissions for your myopenvpn.conf and myopenvpn.autoload files.
sudo chmod 644 /etc/openvpn3/autoload/myvpn3client.conf && sudo chmod 644 /etc/openvpn3/autoload/myvpn3client.autoload
Now we’re ready to start your VPN. The following command will automatically connect your VPN on boot, as well as reconnect it if your internet connection drops, and restarts again. In other words, this will keep you connected to your vpn after reboot or connection failure.
Run this last command to do so:
sudo systemctl enable openvpn3-autoload.service
Now reboot and check to see if your vpn is connected by running the following command:
It should show the IP Address of your vpn provider.
lets test to see if your DNS is leaking or not.
Download the dns command line dns leak test from github, and make it executable by your user by running the following command:
cd ~/ && curl https://raw.githubusercontent.com/macvk/dnsleaktest/master/dnsleaktest.sh -o dnsleaktest.sh && chmod +x dnsleaktest.sh
Run your dnsleaktest!
After a minute or so, it should show the IP addresses of your VPN provider. If it does not, then your dns may be leaking, and the leaktest will tell you that.