thingie2 Posted April 28 Share Posted April 28 Over the years, I've added a bit of this & a bit of that here & there, with a tweak as needed to make my server do what I need. Although I'm familiar with a lot of networking etc, I'm by no means an expert, so I'm looking for some advice if there's a better method to achieve what I want (especially as I've just changed my NIC & I seem to be having problems with my original plan, so before I try to bodge a bodge, I want to know if I should be changing everything!). I'm not after being hand held through setting everything up at this stage (I want to research the methods, how to setup etc etc as needed, but as I don't know what I don't know, I'm not sure where I should start!) Currently running V6.12.10 My desired outcome: I have a series of containers I want to put through a VPN (*arrs, torrent client etc) (but not all need to) Each container to have a dedicated IP (I guess I can comprimise on this, but in my mind, it's the neatest approach My current setup/plan I have a dual 10G NIC (I also have a dual onboard 1G NIC, but I'm not using this, I have the 10G NIC set as eth0 & eth1, with the onboard as eth2 & eth3, but disabled). I use 1 interface as a 192.168.10.0/24 address range, and the other a 192.168.20.0/24 address range, with each container being given a manual IP address & the docker network type being maclvan (this, espeically I understand isn't the preferred route anymore, but it's how I've had it for years, before Unraid supported ipvlan I think) Everything on the 20.0 network goes through a VPN (utilising an Ubuntu VM as the gateway & OpenVPN client) Everything on the 10.0 range doesn't go through the VPN. A couple of firewall rules allow the required containers from each network to talk to each other (e.g. plex on the 10.0 network to the *arrs on 20.0) Pointers to the best route to achieve what I want? Quote Link to comment
Veah Posted April 28 Share Posted April 28 Firewall alias for VPN gateway. Drop your IP address for those containers in that alias. Set rule for that alias to go to gateway VPN IP. Quote Link to comment
dried-buckboard2082 Posted April 28 Share Posted April 28 Sorry I cannot explain in English I give you my way https://www.reddit.com/r/unRAID/comments/t48ufr/how_to_get_containers_qbittorrent_sabnzbd_jackett/ Quote Link to comment
thingie2 Posted May 1 Author Share Posted May 1 Thanks both, I'll have a think over my options Quote Link to comment
bmartino1 Posted May 1 Share Posted May 1 are you using unraids vpn server? you can achieve this on how wg0 on unraids connects to lan network and docker services over the vpn if Unraid is vpn host. Quote Link to comment
thingie2 Posted May 1 Author Share Posted May 1 12 minutes ago, bmartino1 said: are you using unraids vpn server? you can achieve this on how wg0 on unraids connects to lan network and docker services over the vpn if Unraid is vpn host. I'm not. I thought the built in VPN service in unraid was as a server, rather than client (i.e. can be used to access unraid from WAN, rather than to allow unraid to connect to the web through a VPN), is that not the case? Quote Link to comment
bmartino1 Posted May 1 Share Posted May 1 (edited) depends how you use the vpn server. you can setup a site to site vpn with 2 servers. it bit hard to setup but doable. Technically, all vpn servers are clients too. it's all in the config file. https://openvpn.net/vpn-server-resources/site-to-site-routing-explained-in-detail/ you would import the config file form your other vpn server into unriads. Create a peer connection to import in too your current VPN. then allow lan access via unraid. Edited May 1 by bmartino1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.