Jump to content
peter_sm

OpenVPN Server & Client for unRAID 6.2+ (6.1 are still supported)

830 posts in this topic Last Reply

Recommended Posts

I have a quick question, is there any way to verify that all of my unraid traffic is going through the VPN both docker and Xen vm's? If I google "where am i" in my windows 8.1 vm it finds my exact location.

 

I would also like to be able to verify this...

Share this post


Link to post

Hey,

 

I don't know if i'm missing something, but i've pasted

https://raw.githubusercontent.com/petersm1/openvpn_server_x64/master/openvpn_server_x64.plg

into the 'install plugins' tab of 6 beta12, and it seems to run a script, but after i click 'done' there is no visible icon / tab etc for openvpn on any page. The only difference i can see on the flash drive is the addition to

'expect-5.44.1.15-x86_64-2.txz'

and

'tcl-8.6.1-x86_64-1.txz'

into root/packages

 

Am i doing something wrong?  :(

 

Rich

Share this post


Link to post

All good now, they have been updated OpenVPN packages to 2.3.6 ,both plugin are now updated.

 

//Peter

Share this post


Link to post

hi,

 

i've got a pretty basic question. is there a difference between setting up vpn on my router or my unraid machine in terms of security for my downloads?

 

thanks for your help :)

Share this post


Link to post

Not sure if I'm doing anything wrong or missing anything. I'm on v6b12. Pasted the URL for the OpenVPN Server plugin as posted in post #1. Getting this:

 

/usr/local/sbin/plugin install https://raw.githubusercontent.com/petersm1/openvpn_server_x64/master/openvpn_server_x64.plg 2>&1

plugin: installing: https://raw.githubusercontent.com/petersm1/openvpn_server_x64/master/openvpn_server_x64.plg

plugin: downloading https://raw.githubusercontent.com/petersm1/openvpn_server_x64/master/openvpn_server_x64.plg

plugin: creating: /boot/packages/tcl-8.6.1-x86_64-1.txz - downloading from URL ftp://ftp.sunet.se/pub/os/Linux/distributions/slackware//slackware64-14.1/slackware64/tcl/tcl-8.6.1-x86_64-1.txz

plugin: wget: ftp://ftp.sunet.se/pub/os/Linux/distributions/slackware//slackware64-14.1/slackware64/tcl/tcl-8.6.1-x86_64-1.txz retval: 4

 

Clicking the Done button but doesnt seem like the plugin has been installed. Tried this number of times. The client plugin installed just fine by the way. Ideas?

Share this post


Link to post

Tested on a fresh unaraid VM, and it looks fine.

 

/usr/local/sbin/plugin install https://raw.githubusercontent.com/petersm1/openvpn_server_x64/master/openvpn_server_x64.plg 2>&1
plugin: installing: https://raw.githubusercontent.com/petersm1/openvpn_server_x64/master/openvpn_server_x64.plg
plugin: downloading https://raw.githubusercontent.com/petersm1/openvpn_server_x64/master/openvpn_server_x64.plg
plugin: creating: /boot/packages/tcl-8.6.1-x86_64-1.txz - downloading from URL ftp://ftp.sunet.se/pub/os/Linux/distributions/slackware//slackware64-14.1/slackware64/tcl/tcl-8.6.1-x86_64-1.txz
plugin: checking: /boot/packages/tcl-8.6.1-x86_64-1.txz - MD5
plugin: running: /boot/packages/tcl-8.6.1-x86_64-1.txz

+==============================================================================
| Installing new package /boot/packages/tcl-8.6.1-x86_64-1.txz
+==============================================================================

Verifying package tcl-8.6.1-x86_64-1.txz.
Installing package tcl-8.6.1-x86_64-1.txz:
PACKAGE DESCRIPTION:
# tcl (Tool Command Language)
#
# Tcl, developed by Dr. John Ousterhout, is a simple to use text-based
# script language with many built-in features which make it especially
# nice for writing interactive scripts.
#
Executing install script for tcl-8.6.1-x86_64-1.txz.
Package tcl-8.6.1-x86_64-1.txz installed.


plugin: creating: /boot/packages/expect-5.44.1.15-x86_64-2.txz - downloading from URL ftp://ftp.sunet.se/pub/os/Linux/distributions/slackware//slackware64-14.1/slackware64/tcl/expect-5.44.1.15-x86_64-2.txz
plugin: checking: /boot/packages/expect-5.44.1.15-x86_64-2.txz - MD5
plugin: running: /boot/packages/expect-5.44.1.15-x86_64-2.txz

+==============================================================================
| Installing new package /boot/packages/expect-5.44.1.15-x86_64-2.txz
+==============================================================================

Verifying package expect-5.44.1.15-x86_64-2.txz.
Installing package expect-5.44.1.15-x86_64-2.txz:
PACKAGE DESCRIPTION:
# expect (program that talks to other interactive programs)
#
# Expect is a program that talks to other interactive programs according
# to a script. Following the script, Expect knows what can be expected
# from a program and what the correct response should be. An
# interpreted language provides branching and high-level control
# structures to direct the dialogue. 
#
# Expect was written by Don Libes of the National Institute of Standards
# and Technology.
#
Package expect-5.44.1.15-x86_64-2.txz installed.


plugin: creating: /boot/packages/openvpn-2.3.6-x86_64-1.txz - downloading from URL ftp://ftp.sunet.se/pub/os/Linux/distributions/slackware//slackware64-current/slackware64/n/openvpn-2.3.6-x86_64-1.txz
plugin: checking: /boot/packages/openvpn-2.3.6-x86_64-1.txz - MD5
plugin: running: /boot/packages/openvpn-2.3.6-x86_64-1.txz

+==============================================================================
| Installing new package /boot/packages/openvpn-2.3.6-x86_64-1.txz
+==============================================================================

Verifying package openvpn-2.3.6-x86_64-1.txz.
Installing package openvpn-2.3.6-x86_64-1.txz:
PACKAGE DESCRIPTION:
# openvpn (secure IP tunnel daemon)
#
# OpenVPN is a full-featured SSL VPN which can accommodate a wide range
# of configurations, including remote access, site-to-site VPNs, WiFi
# security, and enterprise-scale remote access with load balancing,
# failover, and fine-grained access-controls.
#
# OpenVPN's home on the net is: http://openvpn.net
#
Executing install script for openvpn-2.3.6-x86_64-1.txz.
Package openvpn-2.3.6-x86_64-1.txz installed.


plugin: creating: /boot/config/plugins/openvpnserver/openvpnserver-2014.12.13.tar.gz - downloading from URL "https://github.com/petersm1/openvpn_server_x64/archive/2014.12.13.tar.gz"
plugin: running: 'anonymous'
mkdir: cannot create directory '/dev/net': File exists
mknod: '/dev/net/tun': File exists
plugin: creating: /var/local/emhttp/plugins/openvpnserver/check-my-ip.sh - from INLINE content
plugin: setting: /var/local/emhttp/plugins/openvpnserver/check-my-ip.sh - mode to 0770
plugin: creating: /var/log/plugins/openvpnserver - from INLINE content
plugin: installed

 

Share this post


Link to post

New update for The Server PLUGIN

 

The plugin are now using EasyRSA V3, that's mean after you have done this upgrade you then need to recreate all the config files and cert/keys for the server and clients!!.

You can now chose to create one inline file for the clients! works perfect on iOS & Android!

 

 

Share this post


Link to post

Peter - Would it be possible to skip one or couple of application from routing through the VPN and let is go through the WAN? I need plex and madsonic to pass through, PIA VPN allows only one port forward.

 

Hi,

 

First, I did this function with help from other resources that asked for this features, and If some one can highlight to me how to verify above issue and how to solve it I would be happy,  I'm far away an expert of routing.

 

Since I don't can't support these extra function to route traffic, I think to remove this from the plugin, and user hopefully can come up with a solution outside the plugin.

 

//Peter

Share this post


Link to post

I just installed this and got the cert on my phone (I did inline) but I'm unable to connect back to my server, I get a timeout. I'm confused on 2 of the settings

 

openvpn server ip - the default is 10.8.0.0 what should this be set to, is it different than the server's local ip or WAN IP?

 

I have a duckdns account and when I try to enter it in the dynamic dns box It's getting cut off after 25 charachters, my address is longer than that, is there a way to make it work?

Share this post


Link to post

 

 

I just installed this and got the cert on my phone (I did inline) but I'm unable to connect back to my server, I get a timeout. I'm confused on 2 of the settings

 

openvpn server ip - the default is 10.8.0.0 what should this be set to, is it different than the server's local ip or WAN IP?

 

I have a duckdns account and when I try to enter it in the dynamic dns box It's getting cut off after 25 charachters, my address is longer than that, is there a way to make it work?

 

Have you opened the port on your router? If so what port number are you using? 1194?

 

10.8.0.0 is the VPN IP, I.e the IP address that open VPN clients can use, this can be left alone. With the v6 server version you can connect via the VPN IP to your server or you can connect via the local LAN IP.

 

Petersm will have to look at the characters limit for you but it may be possible to directly edit the config files instead

Share this post


Link to post

 

 

I just installed this and got the cert on my phone (I did inline) but I'm unable to connect back to my server, I get a timeout. I'm confused on 2 of the settings

 

openvpn server ip - the default is 10.8.0.0 what should this be set to, is it different than the server's local ip or WAN IP?

 

I have a duckdns account and when I try to enter it in the dynamic dns box It's getting cut off after 25 charachters, my address is longer than that, is there a way to make it work?

 

Have you opened the port on your router? If so what port number are you using? 1194?

 

10.8.0.0 is the VPN IP, I.e the IP address that open VPN clients can use, this can be left alone. With the v6 server version you can connect via the VPN IP to your server or you can connect via the local LAN IP.

 

Petersm will have to look at the characters limit for you but it may be possible to directly edit the config files instead

 

Thanks! I was missing the open port, I opened it up and it works now. I'm assuming it's safe to leave that port open and the only thing that will be able to connect is a valid client with the certificates?

Share this post


Link to post

Peter - Would it be possible to skip one or couple of application from routing through the VPN and let is go through the WAN? I need plex and madsonic to pass through, PIA VPN allows only one port forward.

 

Hi,

 

First, I did this function with help from other resources that asked for this features, and If some one can highlight to me how to verify above issue and how to solve it I would be happy,  I'm far away an expert of routing.

 

Since I don't can't support these extra function to route traffic, I think to remove this from the plugin, and user hopefully can come up with a solution outside the plugin.

 

//Peter

 

htpcnewbie, could you post the script you use to resolve the port that PIA forwards you?  I've tried using several and never seem to get a json response to indicate which port they allotted me.

Share this post


Link to post

I've got everything setup and working great, I want to add a dynamic DNS address to the config, after adding it do I need to do anything to update the clients? I'm really only using an iphone as a clinet at this point, do I have to regenerate it's inline file when the settings are changed?

 

 

Share this post


Link to post

Is there any way to unrevoke a client or clean up the list of revoked clients?

 

Can anyone reccomed a dynamic dns service? I'm using duckdns because it's free but I'm not seeing any way to have my server itself update the WAN IP.

Share this post


Link to post

OK managed to get most of it installed. Just easy-rsa. I can see what's wrong, the path to github is wrong. But I've edited the plugin to put the right path and still no joy.

Share this post


Link to post

Just wanted to say thank you for all of your hard work in making this great plugin.

 

Installing OpenVPN seemed like a daunting task but this made it easy. I managed to get my Macbook and iPhone logged into my unRAID 6v14 server in around 5 minutes ...awesome!

Share this post


Link to post

Not connected! tun5 not established!!!

 

What does it mean??  I can't connect

Share this post


Link to post

Not connected! tun5 not established!!!

 

What does it mean??  I can't connect

 

I turned on the server monitor and see this

 

"/etc/rc.d/rc.openvpnclient: line 309: openvpn: command not found"

 

 

Please help~!

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.