Ubuntu – Connect ONLY via VPN


How can I create connection via VPN by default when Ubuntu loading? Also I need don't reach Internet if VPN connection not established or disconnected.

In few words, I need connection to Internet ONLY via VPN.

Best Answer

  • this is what I have right now, in some time I'll make a script to make all this automatic in the startup, but meanwhile I hope it works for you.

    I'm assuming you are using OpenVPN if you are not you'll have to get the idea and then translate it to your VPN program.

    First you need to go to /etc/openvpn and make a file called VPNconfig with two lines (with your real values)


    Now for all your .ovpn files in /etc/openvpn you should replace



    auth-user-pass VPNconfig.txt VPNconfig.txt

    That will make sure that you don't have to write user and password each time you log in (it's also highly insecure so beware of what password you use for your VPN, make it sure it's not you password for everything else)

    Now I'll make an alias in /root/.bashrc

    alias vpn='cd /etc/openvpn/ && openvpn /etc/openvpn/Your_VPN_Ovpn_File.ovpn'

    So when you startup you just open a terminal and run

    sudo su

    To make sure your IP doesn't get revealed when the VPN disconnects you should use an iptables script, you know it follow the steps specified here, specially check the answer of windom at the bottom of the first page. If you use other VPN than PIA you will have to modify the script to fetch your IP ranges.

    That script generates the two files specified in the first post iptables-vpn and iptables-novpn.

    You would also like to avoid DNS leaks, for that append at the start of each .ovpn

    up /etc/openvpn/update-resolv-conf
    down /etc/openvpn/update-resolv-conf
    --script-security 2

    and check if it worked here

    So as gertvdijk has said you need the connection to access the VPN, so the order would be, connect to VPN, then execute ./iptables-vpn and now you will be secure of VPN disconnections, the problem is that if it disconnects you will have to manually set it up executing ./iptables-novpn , reset the VPN connection, and then turn back on the iptables-vpn.

    There is a quicker way with a python script using netifaces but I'm still using this... Hope it helped!