How To Remove/Uninstall OpenVPN Server Completely From CentOS/RHEL 6/7?

How to Remove OpenVPN Server on Linux (CentOS, RHEL & Ubuntu)

OpenVPN is widely used to create secure VPN connections, but there are situations where you may need to completely remove an OpenVPN server from your system, such as during reconfiguration, migration, or cleanup of test environments. Removing an OpenVPN server on Linux is a common task when reconfiguring or cleaning up environments.

In this guide, you will learn how to remove an OpenVPN server on Linux systems, including CentOS, RHEL, and Ubuntu. This step-by-step tutorial covers firewall cleanup, SELinux changes, and complete package removal.

By the end of this guide, your system will be fully cleaned of OpenVPN configurations and ready for a fresh setup if needed.

In real-world environments, I’ve often needed to remove OpenVPN completely before reconfiguring setups or troubleshooting network conflicts.

Note: If you are a SUDO user, then prefix every command with sudo, like 

#sudo ifconfig

In platform engineering workflows, cleaning up services like OpenVPN is a common step during infrastructure reconfiguration and environment resets.

Prerequisites:
- A running OpenVPN server
- Root or sudo access
- Basic knowledge of Linux commands
Example Environment:
- OpenVPN Server: Running on Linux
- Default VPN Network: 10.8.0.0/24
- Protocol: UDP (default)
- Port: 1194 (default)

- OpenVPN Server IP: 192.168.1.188 - Already Running

Note: Your configuration may differ. Adjust commands accordingly.

Note: Follow this command to figure out the IP of your OpenVPN server 

[root@localhost easy-rsa]# firewall-cmd --direct --get-rules ipv4 nat POSTROUTING | grep '-s 10.8.0.0/24 '"'"'!'"'"' -d 10.8.0.0/24 -j SNAT --to ' | cut -d " " -f 10
192.168.1.188

Well by the end of this article we have the knowledge to uninstall OpenVPN

Let’s Start

Step 1:  Identify the OpenVPN Running Port and Protocol

To initiate the process of uninstalling OpenVPN, the first thing we need to do is to figure the working port and protocol for OpenVPN because there are many conditions when OpenVPN server is running on a custom port and Protocol.

For Port:

[root@localhost easy-rsa]# grep '^port ' /etc/openvpn/server.conf | cut -d " " -f 2
1194

For Protocol:

[root@localhost easy-rsa]# grep '^proto ' /etc/openvpn/server.conf | cut -d " " -f 2
udp

So now we have an OpenVPN server running on 1194 port and using UDP protocol.

Step 2: Remove Firewall Rules.

Now we have information about running port and protocol and with this information, we can undo the firewall changes which we did at the time of installation. So follow the instructions according to your OS

For RHEL/CentOS 7

We will use both permanent and not permanent rules to avoid a firewalld reload.

firewall-cmd --zone=public --remove-port=1194/udp
Success
firewall-cmd --zone=trusted --remove-source=10.8.0.0/24
Success
firewall-cmd --permanent --zone=public --remove-port=1194/udp
Success
firewall-cmd --permanent --zone=trusted --remove-source=10.8.0.0/24
Success
firewall-cmd --direct --remove-rule ipv4 nat POSTROUTING 0 -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to 192.168.1.188
Success
firewall-cmd --permanent --direct --remove-rule ipv4 nat POSTROUTING 0 -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to 192.168.1.188
Success
sed -i '/iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to /d' /etc/rc.d/rc.local

For RHEL/CentOS 6

iptables -t nat -D POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to 192.168.1.188
sed -i '/iptables -t nat -A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to /d' /etc/rc.d/rc.local
iptables -D INPUT -p 1194 --dport udp -j ACCEPT
iptables -D FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -D FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
sed -i "/iptables -I INPUT -p udp --dport 1194 -j ACCEPT/d" /etc/rc.d/rc.local
sed -i "/iptables -I FORWARD -s 10.8.0.0/24 -j ACCEPT/d" /etc/rc.d/rc.local
sed -i "/iptables -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT/d" /etc/rc.d/rc.local

After doing changes in our firewall you may check that that rules were deleted.

Step 3: Disable SELinux Rules (if enabled)

If you have SELinux running on your server then you need to free OpenVPN port and protocol. Now, to check the SELinux status use the following command.

[root@localhost easy-rsa]# sestatus | grep "Current mode"
Current mode: enforcing

And to verify we should use the following command

[root@localhost easy-rsa]# semanage port -l |grep 1194
openvpn_port_t tcp 1194
openvpn_port_t udp 1194

As this output shows that SELinux is working. so we need to run the following command to change SELinux context.

[root@localhost easy-rsa]# semanage port -d -t openvpn_port_t -p udp 1194

Step 4: Remove OpenVPN Packages and Files

Now that the OpenVPN service and ports have been freed, you can proceed with completely removing OpenVPN from your system. The steps differ slightly depending on your operating system.

For CentOS / RHEL

Remove the OpenVPN package:

# For older systems (yum)
sudo yum remove openvpn -y

# For newer systems (dnf)
sudo dnf remove openvpn -y

Delete the OpenVPN configuration directory:

sudo rm -rf /etc/openvpn
For Ubuntu / Debian

Remove OpenVPN along with its configuration files:

sudo apt remove --purge openvpn -y

Clean up unused dependencies:

sudo apt autoremove -y
Optional Cleanup (Recommended)

To ensure no residual files remain:

sudo rm -rf /etc/openvpn

You can verify that OpenVPN has been removed successfully by running:

openvpn --version
Note: Make sure to double-check firewall and SELinux rules based on your environment before removing them.
Frequently Asked Questions (FAQ)

 1. How do I completely remove OpenVPN from Linux?
To completely remove OpenVPN, uninstall the package, delete configuration files, and clean up firewall and SELinux rules.

2. Does removing OpenVPN delete all configurations?
Not always. You should manually remove directories like /etc/openvpn to ensure complete cleanup.

3. How do I check if OpenVPN is still running?
You can check using: systemctl status openvpn

4. Can I reinstall OpenVPN after removing it?
Yes, once removed, you can reinstall OpenVPN anytime using your package manager and reconfigure it.

5. Why should I remove firewall rules before uninstalling OpenVPN?
Firewall rules created during installation may remain active and cause network conflicts if not removed properly.

 

You May Also Like These

If you’re working with OpenVPN, these guides can help you further:

Install and Setup OpenVPN Server on Linux (CentOS/RHEL 7)
Install and Setup OpenVPN Server on Linux. (CentOS/RHEL 6)
Setup OpenVPN Clients (Linux & Windows)
Add or Create OpenVPN Client
Revoke OpenVPN Client Access
OpenVPN Security Hardening Guide

For more details, refer to the official OpenVPN documentation.
https://openvpn.net/community-resources/

Related Posts

Trending now

What Is Docker And Concept Of Containers with Virtulization?
What Is Docker And Concept Of Containers with Virtualization?
How To Install Apache 2.2 on CentOS 5/6/7?
How To Install Apache 2.2 on CentOS/RHEL 5/6/7?
What are Linux Variables And It's Types?
What are Linux Variables And It’s Types?
How To Setup Elasticsearch On RHEL/CentOS 6/7?
How To Setup Elasticsearch 6.4 On RHEL/CentOS 6/7?