How to control the OpenVPN through the CLI?

senseivita

I'm trying to rotate the remote tunnel endpoint I use for this searx instance I deployed so it doesn't get (further) banned.

I would just set up 7 simultaneous clients and policy route one by weekday but I'm pretty sure there's some L2/L3 link/loop or something at my provider's network because when I establish the second tunnel things just stall.

In addition to user/passwd/TLSkey, my provider requires a certificate for the link but it can take anything--even the webConfigurator one--I assumed then it was only used differentiate a user's clients (they allow unlimited connections). I created a batch, cloned the connection profile and changed certs but it didn't quite work. To work around it I'd like to lump them all up in a gateway group and only bring one up at a time with with a cronjob.

I think may have already banned my ISP's network because when I use searx over the local (dynamic IP) exit it returns no results. Rotating tunnels or at least restarting the one to keep changing it up is my only option now.

Could you tell me the commands to stop, start and restart a client? From htop I got that it could be /usr/local/sbin/openvpn --config /var/etc/openvpn/client#/config.ovpn but if that was it I probably should have another process for this S2S tunnel I have which I can't find it in the [very long] list, or* things like if killing it would be enough to prevent it from respawning or avoiding all of them to come up at once at firewall boot--I'm on the 2.5 beta so I'm updating/rebooting almost daily.

Thanks !

–––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––––
*:(found it)

heper

@skilledinept

https://forum.netgate.com/topic/131539/how-to-restart-openvpn-in-a-script/5?_=1610913942448