Reference Manual

Ontrol Panel


openvpn - interact with the OpenVPN application  Elevation required

openvpn - interact with the OpenVPN Interactive Service

openvpns - Start or Stop an OpenVPN Service


openvpn ['connection' | close | list | status]

Command openvpn 'connection' establishes the specified OpenVPN connection, where connection is either an OpenVPN connection file name or a short connection ID defined in file openvpn.txt in the current directory (usually \NAT32v2).

Command openvpn close closes an open connection.

Command openvpn list prints the connections contained in file openvpn.txt.

Command openvpn status prints status information.

A TAP-WIN32 adapter must be available in order to use OpenVPN. NAT32 should be configured to use 2 Internet interfaces, with the main Internet adapter as the Main interface and the TAP-WIN32 adapter as the Auxiliary interface.

If NAT32 is running in User Mode, be sure that the OpenVPN Interactive Service is running. This can be done via the openvpns start command. That command will automatically start the correct service.

The first line of the openvpn.txt file must contain the full path of the OpenVPN executable file, typically:

C:\Program Files\OpenVPN\bin\openvpn.exe

Subsequent lines contain a short connection ID, followed by the name of the associated .ovpn file. The .ovpn files are connection-specific OpenVPN configuration files that your VPN Service Provider will have supplied.

Be sure to remove the auth-user-pass line in those files or OpenVPN will prompt for a Username and Password before connecting. Authentication is done as described below.

For OpenVPN versions 2.4.x and later, be sure to also remove "tls-remote" lines.

For authentication, create a file up.txt containing the needed Username in line 1 and Password in line 2.

The current directory must also contain the certificate file .crt issued by the VPN Service Provider. The file can be copied from the directory in which the Service Provider's software is installed.

Because certificates have an expiry date, BE SURE to update the certifcate file regularly.

Up to 16 connections can be specified in the openvpn.txt file, but note that comments are currently not allowed.

If NAT32 is running in User Mode, be sure to copy up.txt, the .ovpn files and the .crt file to your \Users\name\OpenVPN\config directory.

Before starting an OpenVPN connection, be sure that the NAT32 Interface selection algorithm is set to main. Any other value will render the connection inoperable.

An OpenVPN connection can be shared by all computers that are using NAT32 as their Internet gateway. This means that those computers continue to have unaltered local access, while all Internet access will be via the OpenVPN connection. This is particularly useful for streaming video content from geo-blocked Internet sites for playback on a local media player (such as an Apple TV).

For convenience, the OpenVPN Dialer can be used to open and close OpenVPN connections. The dialer has been designed for use on mobile devices and should be customized as needed.

Interface Selection, OpenVPN Dialer, Routing by source address, RAS Dial-Up Networking