Join an OpenVPN Network on system Startup

You want to join an OpenVPN network on system startup under osX, but don't want to fiddle around with Open Source repositories like Darwinports,  MacPorts or Fink? Then this is what you are looking for:

• install the well known graphical OpenVPN client Tunnelblick, which you eventually already have.
  
• create a directory for your config files, usually /etc/openvpn

•  create a system startup file "/etc/rc.local" and make it executable. It will be run by the OS during system startup. Put the following lines into it, to load the tun/tap drivers that come with Tunnelblick at startup:

  #!/bin/bash
  /sbin/kextload /Applications/Tunnelblick.app/Contents/Resources/tap.kext
  /sbin/kextload /Applications/Tunnelblick.app/Contents/Resources/tun.kext

• for every VPN you have a config file for and want to join automatically, put a file into "/Library/LaunchDaemons/", that is named like "org.openvpn_CONFIG.plist" with the following content. Make sure to replace the capital names/paths with the ones that fit your configuration:
   

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>Label</key>
	<string>org.openvpn</string>
	<key>OnDemand</key>
	<false/>
	<key>Program</key>
	<string>/Applications/Tunnelblick.app/Contents/Resources/openvpn</string>
	<key>ProgramArguments</key>
	<array>
		<string>openvpn</string>
		<string>--config</string>
		<string>YOUR_CONFIG_FILE.conf</string>
	</array>
	<key>RunAtLoad</key>
	<true/>
	<key>TimeOut</key>
	<integer>90</integer>
	<key>WorkingDirectory</key>
	<string>/YOUR/CONFIG_DIRECTORY</string>
</dict>
</plist>

• Now you can activate your new daemon it with:

  launchctl load /Library/LaunchDaemons/org.openvpn_CONFIG.plist

  launchctl start org.openvpn_CONFIG

Hope you have fun!