Jump to content
peter_sm

OpenVPN Server & Client for unRAID 6.2+ (6.1 are still supported)

843 posts in this topic Last Reply

Recommended Posts

Posted (edited)

It would be nice to see an option to select compression type and/or syntax. By that I mean being able to select whether to use 'comp-lzo' or the 'compress' command. Then also if you choose to select the 'compress' command being able to select between 'lzo', 'lz4', or 'lz4-v2'. Understanding that 'comp-lzo' is deprecated I believe 'compress lzo' should be the default syntax.

 

Having a GUI like this means putting in enough functionality so that someone doesn't need to make manual edits like this unless it's something obscure.

Edited by Taddeusz

Share this post


Link to post

Well, this is a revolting development. I changed the "comp-lzo yes" lines and all "compress" types break my connection using the official OpenVPN iOS app. Tunnelblick works fine though.

Share this post


Link to post

Well, after all that I see that the type of compression is selectable in the GUI.

 

And in the end I decided to just disable compression. Especially after reading that having it enabled is not currently secure due to the VORACLE attack vector.

Share this post


Link to post

Bump. This is pretty annoying. I always forget to restart it manually and then I go to work and I cannot access my server... Is there a way to restart it through the cmd? I could then use user.scripts to run that script on array start.

 

On 5/13/2019 at 6:44 PM, Krzaku said:

Every time I restart my Unraid server, the OpenVPN is unconnectable, I have to restart it manually. These are the logs before the restart:


Sat May 11 21:48:26 2019 OpenVPN 2.4.6 x86_64-slackware-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May  7 2018
Sat May 11 21:48:26 2019 library versions: OpenSSL 1.1.1b  26 Feb 2019, LZO 2.10
Sat May 11 21:48:26 2019 Diffie-Hellman initialized with 2048 bit key
Sat May 11 21:48:26 2019 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat May 11 21:48:26 2019 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat May 11 21:48:26 2019 TUN/TAP device tun0 opened
Sat May 11 21:48:26 2019 TUN/TAP TX queue length set to 100
Sat May 11 21:48:26 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Sat May 11 21:48:26 2019 /usr/sbin/ip link set dev tun0 up mtu 1500
Sat May 11 21:48:26 2019 /usr/sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Sat May 11 21:48:26 2019 Could not determine IPv4/IPv6 protocol. Using AF_INET
Sat May 11 21:48:26 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
Sat May 11 21:48:26 2019 TCP/UDP: Socket bind failed on local address [AF_INET]172.16.0.10:1194: Cannot assign requested address (errno=99)
Sat May 11 21:48:26 2019 Exiting due to fatal error
Sat May 11 21:48:26 2019 Closing TUN/TAP interface
Sat May 11 21:48:26 2019 /usr/sbin/ip addr del dev tun0 10.8.0.1/24

Any idea what this might be about?

 

Also, a request, can you make it possible to renew the CRL certificate? It expires after a year and it's not that easy to renew manually when you don't know what you're doing. I managed somehow but other people may not.

 

Share this post


Link to post

Hi,

 

i have to say, you have make a nice plugin, I'm not sure if this has been asked before or not.

 

i having some issue with the network setting, it work fine for internet tunneling, I setup my unraid server to use 192.168.1.10, i have some of my docker running on 192.168.1.x (custom: br0) and i was not able to access to those docker (cant event ping), but internet is working without issue. i have some other vlan (192.168.11.0/24) where i also having problem accessing too. Do need assistance on that :(

Share this post


Link to post

Hi I'm having some issues. 

 

Recently I changed my DNS server to 172.16.1.2 and the plugin is still seeing 172.16.1.1 as the dns server. I can't ping or access certain stuff using the hostname

Share this post


Link to post

hey i have been trying for weeks to get the client configuration file to show up in the dropdown of the unraid plugin.PLEASE HELP!!! i have tried putting it into the ueif/boot/openvpn/.ovpn     nothing works.    soooo frustrating!!!

Share this post


Link to post

Hi guys dose anyone have a clue as to where the config file for OpenVPN Client on UnRAID is placed? I have tried every directory and every folder.Even restarted UnRAID multiple times during the placement of the file in ton directories......nothing works.some have said place the .ovpn file in root directory of flash /boot/openvpn/(name).ovpn. This dosnt work so I have tried all other places I can think of and nothing works.I have been after this for weeks off and on.ANY HELP WOULD BE ABSOLUTELY APPRECIATED!!!!

Share this post


Link to post
1 hour ago, orybrad said:

Hi guys dose anyone have a clue as to where the config file for OpenVPN Client on UnRAID is placed?

You already asked about that plugin in the correct plugin thread. That (nerd tools) was not the correct plugin thread. Please don't clutter up plugin and docker support threads with random questions about other things.

 

I have split these into the correct plugin thread.

 

Share this post


Link to post

Is there a way to make this accessible as a VPN client as a VPN gateway for other devices on the network and not just docker containers?

Share this post


Link to post

Sorry for the potentially stupid question, but if I am connected to my VPN from my Unraid server, does it route all of the traffic from my server through said VPN including docker traffic?  I see a lot of discussion around reverse proxy setups and I was just wondering what was the necessity to do that if a VPN connection was constantly maintained from Unraid.

 

Thanks.

Share this post


Link to post

Hey guys, I updated my OS last night to the latest version, and when I rebooted the server, It essentially stopped the plugin (was working perfectly before). Can someone please remind me how I can actually start the openvpn server plugin again. The status plugin shows it's not running (been started).

It's probably a simple switch, yet i can't find it!

Share this post


Link to post
8 hours ago, baldfox said:

Hey guys, I updated my OS last night to the latest version, and when I rebooted the server, It essentially stopped the plugin (was working perfectly before). Can someone please remind me how I can actually start the openvpn server plugin again. The status plugin shows it's not running (been started).

It's probably a simple switch, yet i can't find it!

Just had to go through the procedure again of setting up the openvpn server plugin from scratch and it's working again. For some reason the most recent upgrade wiped out my previous settings / certs etc. Not sure if that's an intentional safery feature or not, but i had no way of restarting the openvpn server (in the plugin) until I re did the certs and server configs etc... i.e. went through the checklist again.

Share this post


Link to post

I'd there any way to configure two instances of this plugin? I would like to have a udp and tcp instance, preferably sharing the same keys and everything.

 

Worst case I can configure one in docker and have the primary as the plugin.

Share this post


Link to post

Im using OpenVPN client and every so often my modem reboots and my dockers etc lose internet activity because the OpenVPN client disconnected and shows no WAN IP Address and I have to manually stop/start the plugin to reconnect and regain access.

Is it possible to periodically check the connection status and restart/reconnect if disconnected 

Share this post


Link to post

I'm having some problems with the OpenVPN and I'm already using a let's encrypt docker container for nextcloud. Can somebody direct me how the Port share setting works using port 443?

 

Share this post


Link to post

so i've got the plugin up and running WITHIN my network but it doesn't work outside my network i've forwarded the correct port but am lost on how to have this set so i can connect when I'm not on my network 

Share this post


Link to post

I have installed the OpenVPN plug-in and have it started connecting to a UDP Private Access.

 

But if I try to access the server out side of local network, it only works using the routers WAN IP. I would expect to us the OpenVPN IP.

 

What have I done wrong?

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.