Jump to content
peter_sm

OpenVPN Server & Client for unRAID 6.2+ (6.1 are still supported)

831 posts in this topic Last Reply

Recommended Posts

What is the expected slowdown to expect from running open vpn server?

 

Got it running.  Intel i7 Unraid server on gigabit Google Fiber, and connecting remotely with an i5 W10 laptop via 100/10 Comcast and ran a speedtest, I get 30/10 max through the vpn.  I lose 70%of my download speed but nothing on my upload.

 

Is this typical overhead for openvpn?  GF isn't the limiting factor.

 

What overhead are others finding?

 

Share this post


Link to post

I guess I need to try to connect remotely from another Google fiber location and run the speed test from there.

 

I did try and copy large files across the vpn and per the Windows 8 and Windows 10 file explorer was getting 1.5 - 2.2 mb/sec over the 100mbs Comcast line.

Share this post


Link to post

Because of IP conflicts I had to change the IP address of my server.  Now OpenVPN won't start and the logs show

 

Thu Nov 12 21:38:25 2015 OpenVPN 2.3.6 x86_64-slackware-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Dec 10 2014
Thu Nov 12 21:38:25 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.03
Thu Nov 12 21:38:25 2015 MANAGEMENT: Socket bind failed on local address [AF_INET]192.168.3.142:10000: Cannot assign requested address
Thu Nov 12 21:38:25 2015 Exiting due to fatal error
Thu Nov 12 21:38:45 2015 OpenVPN 2.3.6 x86_64-slackware-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Dec 10 2014
Thu Nov 12 21:38:45 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.03
Thu Nov 12 21:38:45 2015 MANAGEMENT: Socket bind failed on local address [AF_INET]192.168.3.142:10000: Cannot assign requested address
Thu Nov 12 21:38:45 2015 Exiting due to fatal error
Sat Nov 14 09:03:05 2015 OpenVPN 2.3.6 x86_64-slackware-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Dec 10 2014
Sat Nov 14 09:03:05 2015 library versions: OpenSSL 1.0.1p 9 Jul 2015, LZO 2.03
Sat Nov 14 09:03:05 2015 MANAGEMENT: Socket bind failed on local address [AF_INET]192.168.3.142:10000: Cannot assign requested address
Sat Nov 14 09:03:05 2015 Exiting due to fatal error

 

and

 

default via 192.168.3.1 dev br0  metric 1 
127.0.0.0/8 dev lo  scope link 
172.17.0.0/16 dev docker0  proto kernel  scope link  src 172.17.42.1 
192.168.3.0/24 dev br0  proto kernel  scope link  src 192.168.3.82 
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1 

Share this post


Link to post

Because of IP conflicts I had to change the IP address of my server.

 

Is the only way to fix, to uninstall OpenVPN and reinstall everything regenerating the certs on the server and all the clients?

Share this post


Link to post

Do you set IP for VPN on same network as your LAN?

 

No my original server ip was 192.168.3.142.  I needed to change it to 196.168.3.82 and the VPN server IP was left at the default of 10.8.0.0

 

Because of the openvpn would not work after I changed the IP, I have moved back to .142

 

I can change the address of the VPN Server easily, but is it safe to make it 192.168.3.0??  Won't I get a conflict with my router gateway at 192.168.3.1?

 

How do you run yours??

Share this post


Link to post

Router 192.168.0.1 Unraid 192.168.0.190 vpn 10.10.0.0

 

OK, that is the way mine is too. 

 

If you changed your server IP from .190 to something else like .231 would your OpenVPN installation need to be deleted and reinstalled with new certs and new clients? 

 

When I changed the IP of my unRaid server (not my VPN server) everything stopped working.

 

 

Share this post


Link to post

I'm getting the following error on trying to install the plugin:

 

plugin: installing: https://raw.githubusercontent.com/petersm1/openvpnserver/master/openvpn_server_x64.plg
plugin: downloading https://raw.githubusercontent.com/petersm1/openvpnserver/master/openvpn_server_x64.plg
plugin: downloading: https://raw.githubusercontent.com/petersm1/openvpnserver/master/openvpn_server_x64.plg ... done
plugin: downloading: http://mirrors.slackware.com/slackware/slackware64-current/slackware64/tcl/tcl-8.6.4-x86_64-1.txz ... done
plugin: bad file MD5: /boot/packages/tcl-8.6.1-x86_64-1.txz

Share this post


Link to post

hi,  i hope you can help me.

i am running openvpn on my unraid machine and it works great. but i also want to owncloud in either a vm or docker but i can't get all the port forwarding right with my von provider (PIA).

 

so my question is, if there is a way to exclude a specific docker container or vm from openvpn so it would be assigned my "normal" public ip? 

 

thanks for your help

Share this post


Link to post

When in China and accessing my USA unRaid box running openvpn, I typically get a delay before I can access local or any internet through the vpn from my Win10 laptop.  Then next time it is instant, and then it won't connect at all.  I can only describe it as sort of works ....

 

(used to access local files, and get to gmail now that even my phone can't get my gmail in China)

 

c:\>ping google.com 

Pinging google.com [216.58..221.78] with 32 bytes of data
Request timed out
Request timed out
Request timed out
Request timed out

 

 

 

Share this post


Link to post

I have an SSL certificate for my server as i need to access it remotely for various reasons. Is it possible to use that with openvpn server for extra security? What are the steps required to get that set up?

Share this post


Link to post

i am running openvpn on my unraid machine and it works great. but i also want to owncloud in either a vm or docker but i can't get all the port forwarding right with my von provider (PIA).

 

so my question is, if there is a way to exclude a specific docker container or vm from openvpn so it would be assigned my "normal" public ip? 

This! Or in my case, a way to ONLY send specific docker containers through the VPN connection would be preferred. I managed to get Deluge running through a dockerized OpenVPN connection, but then I need to use a reverse proxy docker to access the webUI, and even then, I can't access the daemon anymore.

I know that using Pipework you can assign a docker container its own IP address and specifcy a network interface to use, but I'm not sure how to use it properly.

Share this post


Link to post

Just thought I would let folk now about my success with running this OpenVPN client and forwarding a port to allow the use of a docker remotely.

 

I use Torguard as my VPN provider.

 

When running the client for the first time, I made a note of the allocated WAN IP from the VPN server that I had selected.  I then had to go into the "openvpn" folder in the flash drive and open the corresponding OVPN file for the server that I wanted to use (In my case TorGuard.Netherlands). By changing the text "nl.torguardvpnaccess.com" to the allocated WAN IP address that I had been allocated, I was able to ensure that the WAN IP remained the same on restart of the client.

 

It is then possible to log into the Torguard site and request a port to be opened for the WAN IP that we allocated.

 

I have this setup to use Air Video HD remotely and it works great.

 

edit: Sometimes.....

Share this post


Link to post

Just thought I would let folk now about my success with running this OpenVPN client and forwarding a port to allow the use of a docker remotely.

 

I use Torguard as my VPN provider.

 

When running the client for the first time, I made a note of the allocated WAN IP from the VPN server that I had selected.  I then had to go into the "openvpn" folder in the flash drive and open the corresponding OVPN file for the server that I wanted to use (In my case TorGuard.Netherlands). By changing the text "nl.torguardvpnaccess.com" to the allocated WAN IP address that I had been allocated, I was able to ensure that the WAN IP remained the same on restart of the client.

 

It is then possible to log into the Torguard site and request a port to be opened for the WAN IP that we allocated.

 

I have this setup to use Air Video HD remotely and it works great.

 

Actually......

 

It works great until it a bit of renaming goes on:

 

27yv1ua.png

 

Then the VPN closes and the web GUI locks up.

 

After killing the OpenVPN plugin the GUI unfreezes.  I am then able to restart the OpenVPN client and all is well until it kicks off again a few hours later.

 

I tried a reboot to reset the NIC.

 

Any ideas?

 

Share this post


Link to post

So, I have been sent a new port forward openvpn config and certificate file for the selected WAN IP by Torguard.  Having dropped this into my openvpn folder on the flash drive, all seems ok for now (Fingers crossed).

 

The only odd thing that is happening is that when the VPN is running, I am unable to access AppStore application correctly.  When I try and use it I get the following:

 

"Download of appfeed failed. Reverting to legacy mode"

 

When it runs in legacy mode it works as it should.

 

If I turn off the VPN, the AppStore application works just fine.

 

What have I missed here? Any more ideas?

 

 

Share this post


Link to post

So, I have been sent a new port forward openvpn config and certificate file for the selected WAN IP by Torguard.  Having dropped this into my openvpn folder on the flash drive, all seems ok for now (Fingers crossed).

 

The only odd thing that is happening is that when the VPN is running, I am unable to access AppStore application correctly.  When I try and use it I get the following:

 

"Download of appfeed failed. Reverting to legacy mode"

 

When it runs in legacy mode it works as it should.

 

If I turn off the VPN, the AppStore application works just fine.

 

What have I missed here? Any more ideas?

Here's the link to the AppFeed for reference:  http://tools.linuxserver.io/unraid-docker-templates.json

Share this post


Link to post

I must be clueless.. I just installed the x64 server plugin....followed the directions, but cant see the button to "add clients"

 

I installed, set path to store RSA keys and such to my Cache/Appdata drive, saved.  Clicked INSTALL RSA, then clicked GENERATE SERVER CERT.

 

Now the instructions say to Add a client...but I dont see where to do this.  Help???

Screen_Shot_2015-12-30_at_9_35.26_PM.png.65f31edc4938b33d67673c836c189c96.png

Screen_Shot_2015-12-30_at_9_35.40_PM.png.dc5ec6158ee0fed8a85b2fef778c8af4.png

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.