OpenVPNManagerService

How to use the OpenVPN Manager Service

OpenVPN ships a Windows Service, which can be used to controll an OpenVPN connection without admin rights. However, the service has a major drawbacks: if OpenVPN terminates (which happens in a few cases, i.e. when providing false credentials) the only way to restart OpenVPN without admin rights is to do a full reboot.

This is where the OpenVPN Manager Service kicks in. It is a very simple service which starts up configured OpenVPN Processes which can be controlled by the OpenVPN Manager. In addition, it monitors the running processes and restarts them if necessary.

The OpenVPN Manager Service is included in the OpenVPN Manager. To install it, open cmd.exe with administrative permissions and run:

openvpnmanager.exe -install

The service will look up all OpenVPN config files in %APPDIR%\config (%APPDIR% is the place where OpenVPN Manager was installed to). All files ending with .ovpn will be treated as service files. The settings window also shows the full path name.

Similar to the OpenVPN Server, the config must include the following lines so that the OpenVPN Manager can use the management interface.

management 127.0.0.1 11193
management-query-passwords
management-hold
management-signal
management-forget-disconnect
auth-retry interact

If you have an OpenVPN version which is compiled with smartcard support, also add the following line:

pkcs11-id-management

The management directive can contain any port. When OpenVPN Manager starts a userspace process, it uses port 11194 + x, where x is the number of the connection. So I suggest to use Port 11193 - x for your custom configurations. When all these directives are set, OpenVPN Manager will list the file in the status window.

Having all this done, the service can be started (configure it so that it starts automatically with windows). There is no further need to start OpenVPN Manager with admin permissions or type do a context switch somewhere.

If the configuration changes, the service must be restarted.