Check openVPN client connected Debian
Solution 1:
It isn't clear to me if you are asking from the perspective of a client or server. In any case one thing you should strongly look at is enabling the management interface on your OpenVPN daemon with this configuration option.
management 127.0.0.1 6001
With the management interface enabled you can connected to whatever port you setup for this purpose using netcat/telnet. Then you can issue the status
command, or many other commands to determine exactly what is going on from the daemons perspective.
Solution 2:
There are a few methods, depending on what exactly you're trying to achieve. If you want to check if the client is running and you're using Debian's initscript, you can use the service
command:
% sudo service openvpn status mammon; echo $?
* VPN 'mammon' is running
0
If you want to check that the client thinks it is connected to the server, you can check the routing table for the VPN subnet or local interface existence:
% ip route | grep -q 10.8.0.1; echo $?
0
% ip link show dev tun0 > /dev/null; echo $?
0
If you want to check that the client is connected and the server is contactable, ping the server:
% ping -c1 -w5 -q 10.8.0.1 > /dev/null; echo $?
0
Solution 3:
While I think @mgorven get a good answer, I'd like to propose another one which kind of puts the problem into a different perspective.
If one is using /etc/network/interfaces
for configuring the network, it's possible to use it to control client OpenVPN tunnels. It goes like this:
Use custom name of the tunnel device for the OpenVPN's
dev
option, for instance, havedev mytun
in the OpenVPN configuration file.
Let's say the config file is
/etc/openvpn/client.conf
Set up an entry for that device in the
/etc/network/interfaces
file, like this:iface mytun inet manual pre-up /etc/init.d/openvpn start client pre-down /etc/init.d/openvpn stop client
Having set things up this way, you can now do
# /sbin/ifup mytun
# /sbin/ifdown mytun
Now back to the original question — iface
sections in the networking configuration file also support the post-up
directives which could be used for scripting the "tunnel is ready" events.
Yet another approach, for a Desktop machine, might be using a visual tool like TunTun to manage OpenVPN tunnels.