Before we start

Configure client side

Open the client .ovpn file.

Add this line to use SOCKS5 proxy on localhost port 1080.

socks-proxy 1080

Add this line to skip routing the connection to Shadowsocks server via OpenVPN.

route SHADOWSOCKS_SERVER_IP net_gateway

Add necessary routing if you needed. For example, this skips connection in LAN connecting via OpenVPN.

route net_gateway

Eventually your .opvn file will look like below:

dev tun
proto tcp
resolv-retry infinite
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
verb 3

socks-proxy 1080
route SHADOWSOCKS_SERVER_IP net_gateway
route net_gateway


To connect:

sudo openvpn --config client.ovpn

To connect OpenVPN automatically after boot, change the filename from .ovpn to .conf, and move the file to /etc/openvpn/client/

sudo mv client.opvn /etc/openvpn/client.conf

Enable and start the service.

sudo systemctl enable [email protected]
sudo systemctl start [email protected]