OpenVPN Server & Client for unRAID 6.2+ (6.1 are still supported)


peter_sm

Recommended Posts

6 hours ago, peter_sm said:

Can you telnet in and run this command and see what happens?

(...)

 

Running the first command:

root@derrickserver:~# /etc/rc.d/rc.openvpnserver restart
Stoping Openvpnserver.....
... Stopped
Deleting iptables rule ....
Starting Openvpn server.....
nohup: redirecting stderr to stdout
OK... Started
Adding iptables rule .....
br0
11       0     0 MASQUERADE  all  --  *      br0     10.8.0.0/24          0.0.0.0/0
root@derrickserver:~#

Running the second command took a long time, but eventually:

 

root@derrickserver:~# /etc/rc.d/rc.openvpnserver getonlineversion

root@derrickserver:~#

So something's going funky with the second one. What's going on?

Link to comment
2 hours ago, ideaman924 said:

 

Running the first command:


root@derrickserver:~# /etc/rc.d/rc.openvpnserver restart
Stoping Openvpnserver.....
... Stopped
Deleting iptables rule ....
Starting Openvpn server.....
nohup: redirecting stderr to stdout
OK... Started
Adding iptables rule .....
br0
11       0     0 MASQUERADE  all  --  *      br0     10.8.0.0/24          0.0.0.0/0
root@derrickserver:~#

Running the second command took a long time, but eventually:

 


root@derrickserver:~# /etc/rc.d/rc.openvpnserver getonlineversion

root@derrickserver:~#

So something's going funky with the second one. What's going on?

Second one was an unused function, this is now removed in latest update. Please try and let me know :-)

Link to comment
8 hours ago, peter_sm said:

Second one was an unused function, this is now removed in latest update. Please try and let me know :-)

Update worked like a charm, it now loads correctly. Thank you so much! ;)

 

EDIT: I realized why it didn't work. I looked at your commit, and the function calls the OpenVPN site. China blocks all VPN sites and sends a TCP RST packet to the script, so it'll keep retrying until eventually timing out. Just in case you were wondering why that function stopped my specific use case. Thank you for fixing it!

Edited by Guest
Link to comment

I'm getting the following in my log and a connection timeout on the ios client:

 

Thu Apr 12 10:51:14 2018 111.111.11.11:3187 OpenSSL: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate
Thu Apr 12 10:51:14 2018 111.111.11.11:3187 TLS_ERROR: BIO read tls_read_plaintext error
Thu Apr 12 10:51:14 2018 111.111.11.11:3187 TLS Error: TLS object -> incoming plaintext read error
Thu Apr 12 10:51:14 2018 111.111.11.11:3187 TLS Error: TLS handshake failed
Thu Apr 12 10:51:14 2018 111.111.11.11:3187 SIGUSR1[soft,tls-error] received, client-instance restarting

 

I'm not sure what I have wrong or how to troubleshoot from here

Edited by mostlydave
IP changed for safety
Link to comment

@peter_sm, I just created a PR on GitHub to disable "explicit-exit-notify" for TCP connections. You can find it here:

https://github.com/petersm1/openvpnserver/pull/1

 

The reason is being, OpenVPN doesn't support the parameter on TCP connections (it's UDP only.) Therefore, I get this error:

Options error: --explicit-exit-notify can only be used with --proto udp
Use --help for more information.

The commit might have typos or some other weird stuff in it so please test it before merging. Cheers!

Link to comment
On 4/12/2018 at 10:55 AM, mostlydave said:

I'm getting the following in my log and a connection timeout on the ios client:

 

Thu Apr 12 10:51:14 2018 111.111.11.11:3187 OpenSSL: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate
Thu Apr 12 10:51:14 2018 111.111.11.11:3187 TLS_ERROR: BIO read tls_read_plaintext error
Thu Apr 12 10:51:14 2018 111.111.11.11:3187 TLS Error: TLS object -> incoming plaintext read error
Thu Apr 12 10:51:14 2018 111.111.11.11:3187 TLS Error: TLS handshake failed
Thu Apr 12 10:51:14 2018 111.111.11.11:3187 SIGUSR1[soft,tls-error] received, client-instance restarting

 

I'm not sure what I have wrong or how to troubleshoot from here

No one has seen this error or knows how to troubleshoot?

Link to comment
  • 1 month later...
  • 2 weeks later...
  • 2 weeks later...
  • 1 month later...

Hi Peter,

 

I live in China and am having the same problem that ideaman924 had back in April, except with the Client plugin. When I try to open the settings page, all I get is the unraid interface header with a blank page below. Any solutions for this?

 

The server app works fine.

 

Thanks.

Edited by BeaverTerror
Link to comment
  • 2 weeks later...
  • 2 weeks later...

Has anyone run into an issue where the OpenVPN configuration completely disappears? I've had this happen twice now and am wondering if I should just look for another solution.

 

I am running unRAID 6.3.5.

 

Any help is greatly appreciated - thanks in advance!

Edited by QPlus7
Link to comment
38 minutes ago, QPlus7 said:

Has anyone run into an issue where the OpenVPN configuration completely disappears? I've had this happen twice now and am wondering if I should just look for another solution.

 

I am running unRAID 6.3.5.

 

Any help is greatly appreciated - thanks in advance!

I just updated OpenVPN and unRAID and guess what happened? Yup! My configuration is completely gone again.

 

Three strikes and you're out? 

Link to comment
12 hours ago, QPlus7 said:

I just updated OpenVPN and unRAID and guess what happened? Yup! My configuration is completely gone again.

 

Three strikes and you're out? 

I use the Openvpn-as server as a docker container (rather than the openvpn plugin) and have not had any problem with my configuration surviving updates.

Link to comment
  • 3 weeks later...

How would one go about setting this up for TAP mode instead of TUN?
I have tried every setting in TUN mode and cannot get hostname resolution and samba to perform correctly.

For example I can type \\<unraid>\share and it does not work, but \\<ip>\share does. However in browsers where HTTP requests are made http://unraid/ works fine since they are going through the DNS.   I figure this is only possible via TAP mode?

Link to comment

may a simple question but i couldnt find an info abut it here

 

im using currently binhex deluge vpn for the privoxy feature, as i dont use deluge ot bittorrent my question would be

 

can this vpn plugin used as vpn proxy only without putting the whole server behind the vpn ?

 

my usercase are just some apps using a proxy.

 

thanks ahead for an info

Link to comment
4 hours ago, sse450 said:

Still, Peter's repo is not available

Not quite sure what you mean though.  https://github.com/petersm1/openvpn_client_x64  And the plugin file (which is the only url listed in the OP) does install perfectly fine through the Apps tab.  (But I don't run a VPN that unRaid needs to connect to)

 

4 hours ago, sse450 said:

Do I have any other option for OpenVPN client in Unraid?

Doesn't look like it to attach the unRaid to a VPN network.  There are however VPN versions of the various "shady" apps to be able to connect to individually.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.