Opawesome Posted August 19, 2021 Share Posted August 19, 2021 (edited) Hi, Since the OpenVPN Server plugin by @peter_sm, and the OpenVPN-AS docker container by @linuxserver.io are no longer available (as of august 2021), I thought it might be useful to some of you to know how to manually install an OpenVPN server on your Unraid machine. Using the Wireguard VPN which is now included in Unraid is of course an option but you may want to stick with OpenVPN for many reasons. The method below: was tested (and works) on Unraid 6.8.3, 6.9.2, 6.10.2, 6.10.3, 6.11.5, 6.12.4 and 6.12.8; assumes that you already have (or know how to setup) an openvpn .ovpn configuration file for your server (and clients); assumes that you already have (or know how to create) the SSL certification authority certificate, SSL server certificate, RSA keys and diffie hellman key which are required by your openvpn .ovpn configuration fileq; [Note: I personally use XCA to create and manage all my certificates and keys; tutorials on how to create the certificates and keys with XCA can be found here on YouTube for example.] assumes that you know how to setup your router to forward the ports required for you OpenVPN server to work; allows you to run OpenVPN even if the array is stopped (this is useful if your array is encrypted and does not automatically start on boot). STEP 1: ADD THE OPENVPN PACKAGE TO THE UNRAID BOOT DRIVE 1.1. Grab the openvpn-2.5.5-x86_64-1.txz package for Slackware here. Note: If you are using an older version of Unraid, you may need the openvpn-2.4.8-x86_64-1.txz package. I have not been able to find this older version on the Slackware website but I was able to grab that package from my previous install of the OpenVPN Server plugin. I have attached it to this post, but please share any link to an official download if you find one. 1.2. Copy it to the /boot/extra/ directory on the Unraid boot drive. Note: Packages in this folder are installed upon boot. STEP 2: ADD THE OPENVPN CONFIGURATION FILES AND ASSOCIATED CERTIFICATES, KEYS AND FILES TO THE UNRAID BOOT DRIVE 2. Copy your OpenVPN configuration file and associated certificates, keys and files to the /boot/config/user-files/openvpn/ directory on the Unraid boot drive. Note: These files include the following, depending on your configuration: server.ovpn or client.ovpn, dh.pem, ca.cert, server.crt, ta.key (if you use TLS for authentication), crl.pem (if you use a certificate revocation lists), ipp.txt (if you use manual IP assignment) STEP 3: EDIT THE "GO" FILE ON THE UNRAID BOOT DRIVE 3.1. Edit the /boot/config/go file on the Unraid boot drive by adding the following at the end of the file: # ############# # Start OpenVPN (beginning) # ############# # Start OpenVPN - 1. Set variables NETWORK="172.16.92.0" # OpenVPN server IP network CIDRSUFFIX="24" # OpenVPN server IP network CIDR suffix, without the "slash" OPENVPNCONFIGPATH="/boot/config/user-files/openvpn/" # Path to openvpn configuration files on USB drive, with the trailing "slash" # Start OpenVPN - 2. Copy OpenVPN configuration and cert files mkdir -p /etc/openvpn/ cp "${OPENVPNCONFIGPATH}server.ovpn" /etc/openvpn/ cp "${OPENVPNCONFIGPATH}dh.pem" /etc/openvpn/ cp "${OPENVPNCONFIGPATH}ca.crt" /etc/openvpn/ cp "${OPENVPNCONFIGPATH}server.crt" /etc/openvpn/ cp "${OPENVPNCONFIGPATH}server.key" /etc/openvpn/ cp "${OPENVPNCONFIGPATH}ta.key" /etc/openvpn/ cp "${OPENVPNCONFIGPATH}ipp.txt" /etc/openvpn/ # Start OpenVPN - 3. Create tun device mkdir -p /dev/net if [ ! -c /dev/net/tun ]; then mknod /dev/net/tun c 10 200 fi modprobe tun echo 1 > /proc/sys/net/ipv4/ip_forward # Start OpenVPN - 4. Run OpenVPN mkdir -p /var/run/openvpn/ sudo -H -u root openvpn --writepid /var/run/openvpn/openvpn.pid --config /etc/openvpn/server.ovpn --script-security 2 --daemon # Start OpenVPN - 5. Add IP tables NIC=$(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)' | head -1) echo $NIC IPRULES1="iptables -t nat -A POSTROUTING -s $NETWORK/$CIDRSUFFIX -o $NIC -j MASQUERADE" eval $IPRULES1 iptables -t nat -L POSTROUTING -n -v --line-numbers | grep $NETWORK # ############# # Start OpenVPN (end) # ############# 3.2. Adjust the above to your own use case Note: For exemple, you will need to change the NETWORK and CIDR variables according to the IP address and network mask that are set in the server.ovpn configuration file. STEP 4: REBOOT AND CHECK THAT THE SERVER IS WORKING 4.1. Reboot your Unraid machine. 4.2. Check that OpenVPN is running by executing this command: ifconfig tun0 4.3. Try to connect to your OpenVPN server with a client. Note: I recommend adding the following lines to your .ovpn config file to help troubleshooting any potential issues: status /var/log/openvpn-status.log 5 log-append /var/log/openvpn.log I hope this helps. Best, Opawesome openvpn-2.4.8-x86_64-1.txz Edited February 24 by Opawesome updated with openvpn-2.5.5-x86_64-1.txz 2 Quote Link to comment
Emanuel87 Posted June 22, 2022 Share Posted June 22, 2022 for those more challanged among us, could you please may detail also the assumed part Quote *assumes that you already have (or know how to setup) an openvpn .ovpn configuration file for your server (and clients); *assumes that you already have (or know how to create) the SSL certification authority certificate, SSL server certificate, RSA keys and diffie hellman key which are required by your openvpn .ovpn configuration fileq; [Note: I personally use XCA to create and manage all my certificates and keys; tutorials on how to create the certificates and keys with XCA can be found here on YouTube for example.] Quote Link to comment
trurl Posted June 22, 2022 Share Posted June 22, 2022 Have you tried Wireguard? Quote Link to comment
Emanuel87 Posted August 19, 2022 Share Posted August 19, 2022 wireguard is blocked by company it. so that's why i've asked for openVPN, as this is what the company also uses. Quote Link to comment
chssmstr23 Posted October 12, 2023 Share Posted October 12, 2023 For future people finding this post: The current package can be found under the "n" directory for slackware since it is in the base install ie https://mirrors.slackware.com/slackware/slackware-current/slackware/n/ As far as i can tell Unraid is running slackware 15 however if anyone has a better source please correct me. i will report back on comparability of unraid 6.11.5 and 6.12.4 (my current system builds) 1 Quote Link to comment
Opawesome Posted October 16, 2023 Author Share Posted October 16, 2023 On 10/12/2023 at 4:59 AM, chssmstr23 said: For future people finding this post: The current package can be found under the "n" directory for slackware since it is in the base install ie https://mirrors.slackware.com/slackware/slackware-current/slackware/n/ As far as i can tell Unraid is running slackware 15 however if anyone has a better source please correct me. i will report back on comparability of unraid 6.11.5 and 6.12.4 (my current system builds) Have you been able to get the OpenVPN server working with any package sourced from the official slackware website ? Quote Link to comment
Opawesome Posted February 24 Author Share Posted February 24 Tutorial was updated with the openvpn-2.5.5-x86_64-1.txz package for Slackware. 1 Quote Link to comment
shpitz461 Posted February 27 Share Posted February 27 Here's the x64 package: https://ftp.ussg.indiana.edu/linux/slackware/slackware64-current/slackware64/n/openvpn-2.6.9-x86_64-1.txz Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.