Always-On VPN issues at boot. Need to manually activate it.. What did i miss..

Always-On VPN issues at boot. Need to manually activate it.. What did i miss.. - Printable Version

+- PINE64 (https://forum.pine64.org)
+-- Forum: PinePhone (https://forum.pine64.org/forumdisplay.php?fid=120)
+--- Forum: PinePhone Software (https://forum.pine64.org/forumdisplay.php?fid=121)
+---- Forum: Mobian on PinePhone (https://forum.pine64.org/forumdisplay.php?fid=139)
+---- Thread: Always-On VPN issues at boot. Need to manually activate it.. What did i miss.. (/showthread.php?tid=14045)

Always-On VPN issues at boot. Need to manually activate it.. What did i miss.. - temp0rary - 05-31-2021

Hi. I tried this guide.. I think i did everything right, but i might have missed something...
https://wiki.mobian-project.org/doku.php?id=howto:networking&s[]=networking

Always-On VPN
VPN functionality will be added to Gnome-Control-Center in the future, but for now you can configure this via

Code:
nmcli

. This guide will explain how to import an OpenVPN connection, and then configure other connections to require it as a “secondary”. (see the always great Arch wiki for more on this)
1. Add OpenVPN support for NetworkManager by running

Code:
sudo apt install network-manager-openvpn

.
2. Import your OpenVPN .ovpn file by running

Code:
sudo nmcli connection import type openvpn file {yourovpnfile.ovpn}

3. Until this is integrated with gnome-keyring, you must store your username and password in the .nmconnection file (currently insecure due to lack of disk encryption, which is coming in the future as well). Edit your VPN config in /etc/NetworkManager/system-connections, where the file is {youropenvpnfilename}.nmconnection. Change the

Code:
password-flags

to 0. At the bottom of the [vpn] block, add

Code:
username={your username}

. Then, below the [vpn] block, add the following:
[vpn-secrets]
password={your vpn password}
4. Obtain the UUID of your VPN connection by running

Code:
sudo nmcli con show {your vpn connection name}

; the UUID is the second line.
5. In the same directory, you can now modify any connection, including your cellular one, to bring up and require the VPN connection by adding this to the end of the [connection] block:

Code:
secondaries={UUID};

(dont forget the trailing semi-colon).
6. Restart NetworkManager with

Code:
sudo systemctl restart NetworkManager

for the changes to take effect.

The thing is.. I seem to need to activate

Code:
sudo systemctl restart NetworkManager at every reboot.. My original ip is showing at boot it seems like, but is fixed with that command. What could the issue be? 

Is this the best way to set up an ovpn file at the moment? Thanks in advance.