aptalca Posted July 9, 2015 Share Posted July 9, 2015 Has anybody been able to access any of the machines in their local lan from the VPN client using the hostname? I.E. "ping tower" from the OpenVPN client Tried a lot of different things, never got it to work. I'm using the ip addresses, no big deal Quote Link to comment
Bungy Posted July 9, 2015 Share Posted July 9, 2015 Has anybody been able to access any of the machines in their local lan from the VPN client using the hostname? I.E. "ping tower" from the OpenVPN client Tried a lot of different things, never got it to work. I'm using the ip addresses, no big deal I think my problem is that the client's can't access my dd-wrt router, which is what handles the lan dns hostname resolution. I think the options are to switch to bridged mode or somehow allow the 172.X.X.X subnet to talk to the router. Quote Link to comment
Bungy Posted July 9, 2015 Share Posted July 9, 2015 Has anybody been able to access any of the machines in their local lan from the VPN client using the hostname? I.E. "ping tower" from the OpenVPN client Tried a lot of different things, never got it to work. I'm using the ip addresses, no big deal I think my problem is that the client's can't access my dd-wrt router, which is what handles the lan dns hostname resolution. I think the options are to switch to bridged mode or somehow allow the 172.X.X.X subnet to talk to the router. I got it to work by re-enabling NAT, which allows my VPN clients to communicate with my router. I then set the primary DNS server to my router's ip address and the seconday to google's 8.8.8.8. The problem I'm having now is my VPN clients can't connect to any resources on the lan other then unraid and my router. Quote Link to comment
Bungy Posted July 9, 2015 Share Posted July 9, 2015 Has anybody been able to access any of the machines in their local lan from the VPN client using the hostname? I.E. "ping tower" from the OpenVPN client Tried a lot of different things, never got it to work. I'm using the ip addresses, no big deal I think my problem is that the client's can't access my dd-wrt router, which is what handles the lan dns hostname resolution. I think the options are to switch to bridged mode or somehow allow the 172.X.X.X subnet to talk to the router. I got it to work by re-enabling NAT, which allows my VPN clients to communicate with my router. I then set the primary DNS server to my router's ip address and the seconday to google's 8.8.8.8. The problem I'm having now is my VPN clients can't connect to any resources on the lan other then unraid and my router. I feel like I'm spamming now. It turned out to be a windows firewall issue. I resolved it by allowing connections through "public" networks. I thought the traffic would look like it's coming from the local network, but this is not the case probably because of the 172.X.X.X ip address. Quote Link to comment
aptalca Posted July 9, 2015 Share Posted July 9, 2015 Has anybody been able to access any of the machines in their local lan from the VPN client using the hostname? I.E. "ping tower" from the OpenVPN client Tried a lot of different things, never got it to work. I'm using the ip addresses, no big deal I think my problem is that the client's can't access my dd-wrt router, which is what handles the lan dns hostname resolution. I think the options are to switch to bridged mode or somehow allow the 172.X.X.X subnet to talk to the router. I got it to work by re-enabling NAT, which allows my VPN clients to communicate with my router. I then set the primary DNS server to my router's ip address and the seconday to google's 8.8.8.8. The problem I'm having now is my VPN clients can't connect to any resources on the lan other then unraid and my router. I feel like I'm spamming now. It turned out to be a windows firewall issue. I resolved it by allowing connections through "public" networks. I thought the traffic would look like it's coming from the local network, but this is not the case probably because of the 172.X.X.X ip address. That's interesting. I'll look into it, too. In my experience, I have no problems accessing the router on the client machines (they can access all three of my routers, including the one running the dhcp server for the lan). I had the dns set to use the dhcp router ip as well, but no local name resolution. I'll try the Windows firewall settings Quote Link to comment
Bungy Posted July 9, 2015 Share Posted July 9, 2015 Has anybody been able to access any of the machines in their local lan from the VPN client using the hostname? I.E. "ping tower" from the OpenVPN client Tried a lot of different things, never got it to work. I'm using the ip addresses, no big deal I think my problem is that the client's can't access my dd-wrt router, which is what handles the lan dns hostname resolution. I think the options are to switch to bridged mode or somehow allow the 172.X.X.X subnet to talk to the router. I got it to work by re-enabling NAT, which allows my VPN clients to communicate with my router. I then set the primary DNS server to my router's ip address and the seconday to google's 8.8.8.8. The problem I'm having now is my VPN clients can't connect to any resources on the lan other then unraid and my router. I feel like I'm spamming now. It turned out to be a windows firewall issue. I resolved it by allowing connections through "public" networks. I thought the traffic would look like it's coming from the local network, but this is not the case probably because of the 172.X.X.X ip address. That's interesting. I'll look into it, too. In my experience, I have no problems accessing the router on the client machines (they can access all three of my routers, including the one running the dhcp server for the lan). I had the dns set to use the dhcp router ip as well, but no local name resolution. I'll try the Windows firewall settings I was able to communicate with all lan devices once I turned NAT back on. I was trying to use the routing tables instead, but that attempt failed. Turning off the windows firewall was only to allow rdp connections to my windows machine and won't help with resolving hostnames. Try assigning a dns suffix on your router if it supports it. Then tell your openvpn server to assign the same suffix to its clients. If you set it to "home" you would lookup the hostname like "ping tower.home". I think it also helped me that my router runs dnsmasq. Quote Link to comment
aptalca Posted July 10, 2015 Share Posted July 10, 2015 I am really confused about this hostname business. I have a TP-Link router that is also the DHCP server. When I am on the local lan, from a windows machine, I can connect to tower with no problems. When I click on Network, it finds and lists all the computers with their hostnames. When I am on openvpn, the network displays only the machine I am on, and nothing else. I cannot reach any other machines using their hostnames. But I can reach them through their IP. (Interestingly, in windows command prompt, if I ping 192.168.1.XX for unRaid, it successfully pings AND displays its hostname TOWER) In openvpn server settings, I have it set to use NAT, enabled access to all private subnets, etc. If I set the DNS server to just my router IP, DNS doesn't resolve at all. If I set it to Google, it works. Either way, local hostnames don't resolve. Now the real interesting part, my TP-Link router software has a diagnostic tool, where it can ping and tracert. Neither works with hostnames, but they do with IPs. So the question is, is my router not acting as a DNS server, but only the DHCP server? Perhaps it forwards all DNS requests directly to the DNS provider set in its settings (google in my case)? If it is forwarding all requests to the outside, then how come on the LAN, all computers are reachable via their hostnames? Thanks Quote Link to comment
Bungy Posted July 10, 2015 Share Posted July 10, 2015 My guess is that since your router is resolving LAN hostnames, it may be doing this through the WINS or NetBIOS instead of DNS. I'm guessing it is acting like a DNS server for your LAN, but isn't accepting requests from other networks (i.e. openvpn). I'm guessing the router-based lookup tools failed because it's using the DNS server assigned for it's WAN ports instead of the DNS server it is running locally. You can try setting openvpn to assign a WINS server address to its clients. You can also try enabling NetBIOS. Also make sure your router is set as the first DNS server. The clients only use the 2nd dns server if the first one times out. I can help you with a LOT more specifics if you flash your router to a DD-WRT firmware. I'm much more familiar with those than TP-LINK. Quote Link to comment
macester Posted July 10, 2015 Author Share Posted July 10, 2015 What Bungy said, but since WINS and NetBIOS only work on local LAN there is no use on setting it in openvpn since openvpn clients are in another subnet(useing NAT, no idea if there is any route options in openvpn-as). It can be done with routing but gusessing the tp-link won´t support it, (did this between to pfsense boxes a fwee years ago). Best bet if you really need to resolve local host names is do as Bungy said with DD-WRT(dnsmasq) or maby since unraid now have KVM do something cool and virtualise pfsense=P. EDIT...my bad... Found my old notes.. configured samba to allow other subnets to talk with NetBIOS protocol and then opened the ports for vpn to host(shouldent be needed in this case) Quote Link to comment
aptalca Posted July 10, 2015 Share Posted July 10, 2015 Thanks for the tips. I actually have ddwrt running on another router on the network (backup vpn server). I'll look into turning that into the dns server Quote Link to comment
m4f1050 Posted July 14, 2015 Share Posted July 14, 2015 I'm using the docker and everything works fine except any other docker when I try to access it, it doesn't see it. i.e. CouchPotato, I have it on {server ip}:8083 I can access it from my local network, but when I connect from my phone 4G -> OpenVPN I can only access {server ip} and see unRAID's GUI, but I can't go to {server ip}:8083 Any ideas? Quote Link to comment
m4f1050 Posted July 15, 2015 Share Posted July 15, 2015 I'm using the docker and everything works fine except any other docker when I try to access it, it doesn't see it. i.e. CouchPotato, I have it on {server ip}:8083 I can access it from my local network, but when I connect from my phone 4G -> OpenVPN I can only access {server ip} and see unRAID's GUI, but I can't go to {server ip}:8083 Any ideas? More info: Dockers are using network type Bridged and I am mapping my own ports, i.e 5050 -> 8083 Do I need to configure OpenVPN to use br0? I have it set to listen on all ports. HELP! Quote Link to comment
Bungy Posted July 15, 2015 Share Posted July 15, 2015 Do you have your openvpn set up under routing or NAT mode? Can you post some screenshots of your settings? Quote Link to comment
m4f1050 Posted July 15, 2015 Share Posted July 15, 2015 OSI layer for VPN tunneling: Layer 3 (routing/NAT) and on next page VPN IP Network Specify the addresses and netmasks for the virtual networks created for VPN clients Dynamic IP Address Network When a user does not have a specific VPN IP address configured on the User Permissions page, the user's VPN client is assigned an address from this network. Network Address, Number of Bits in Netmask 192.168.50.0, 24 Routing Should VPN clients have access to private subnets (non-public networks on the server side)? Yes, using NAT Yes, using routing (advanced) ---------- Tried both, no difference ---------- Specify the private subnets to which all clients should be given access (as 'network/netmask_bits', one per line): 192.168.25.0/24 192.168.50.0/24 What I'm doing is using VNC Viewer into one of my local network machine and using it's web browser in the meantime (while I figure this out) Quote Link to comment
Bungy Posted July 15, 2015 Share Posted July 15, 2015 It looks like 192.168.50.0 is your VPN and 192.168.25.0 is your LAN. Is that correct? Try setting "Should clients be allowed to access network services on the VPN gateway IP address?" to yes. What are your dns settings on that same page? Also, can you ping other machines on the LAN when connected through the VPN? Quote Link to comment
jrdnlc Posted July 27, 2015 Share Posted July 27, 2015 I can't access the OpenVPN webUI can someone help me? I tried everything and can't get it to work for some reason. I already edited the variables Quote Link to comment
Jetjockey Posted July 27, 2015 Share Posted July 27, 2015 Another question please. I've just installed Openvpn through Docker and started to configure it. It's not easy when your new to VPN but I got maybe 70% of the way there. However...... I noticed that with OpenVPN running Plexconnect appears to stop working (sort of). I think Plexconnect is still running as my ATV3 can still get Apple content and Netflix etc works, but the minute I press the "Trailers" icon on the ATV3 I get the message "Trailers is not available". I also get this message if I stop Plexconnect (with Openvpn not running) but then of course I get no Apple content or Netflix etc on the ATV3. It's an odd one and I don't understand entirely what Openvpn is doing to my Unraid server behind the scenes. PMS and Plexconnect have been working great (both installed via Docker) so this appears to be an Openvpn issue. Could some expert on here suggest what the problem might be please as I would like to run Openvpn. I'm running Unraid Ver 6.latest Pro 64bit fully paid up on a Supermicro x10SL7-F-o with an E1231v3 so I doubt it's a hardware problem. I understand Plexconnect uses port 443 but I have disabled the use of this port by Openvpn to avoid conflicts.. Many thanks in advance. Quote Link to comment
keepitshut Posted July 27, 2015 Share Posted July 27, 2015 Hi here just to say that the OpenVPN template works great! Got everything setup and running very smoothly! Just wondering how do I use the VPN to access things like the unRAID UI and sonarr using the internet? Quote Link to comment
aptalca Posted July 27, 2015 Share Posted July 27, 2015 Hi here just to say that the OpenVPN template works great! Got everything setup and running very smoothly! Just wondering how do I use the VPN to access things like the unRAID UI and sonarr using the internet? Vpn in to your home network. Browse to the internal ip of your server, out the port of any app like sonarr Quote Link to comment
dialmformumbojumbo Posted July 28, 2015 Share Posted July 28, 2015 I can't access the OpenVPN webUI can someone help me? I tried everything and can't get it to work for some reason. I already edited the variables Same here, only been using dockers since yesterday so it's all quite new to me still. Quote Link to comment
macester Posted July 30, 2015 Author Share Posted July 30, 2015 Sorry for the late reply, sitting in the only hotel with internet so far on My Summer travels, If the web docent work try port 993 or 443 (check openvpn HomePage) sorry for the wierd autocorrection. Best bet IF web ui docent work is Old config (then clear IT) or the port is already in use (SSH to unraid and do a "PS -aux" And post IT. I bet this post loks like mess sitting on what could be the only iPad in Vietnam, however maby i sould change the default ui port?(same for SSL connections as web ui,or kinda booth works as default) And make the admin name changeable insteead Of "openvpn"?. Best Regards //mace PS. Post or mess the docker log right click and log. Quote Link to comment
bux5aa1Bah Posted July 30, 2015 Share Posted July 30, 2015 I can't access the OpenVPN webUI can someone help me? I tried everything and can't get it to work for some reason. I already edited the variables I just setup the container myself and had the same problem. It turned out that it doesn't play well with bonding. Here's what I had to do make it work: - Setup container as usual - Enter the running container with 'docker exec -i -t <ID> /bin/bash' - Run 'apt-get update && apt-get install sqlite3' - Change to '/config/etc/db' and run 'sqlite3 config.db' - within the sqlite3 shell 'select * from config'. You'll see some records with network interface 'eth0'. - run these queries: UPDATE config SET value = 'bond0' WHERE name = 'admin_ui.https.ip_address'; UPDATE config SET value = 'bond0' WHERE name = 'cs.https.ip_address'; UPDATE config SET value = 'bond0' WHERE name = 'vpn.daemon.0.listen.ip_address'; UPDATE config SET value = 'bond0' WHERE name = 'vpn.daemon.0.server.ip_address'; (not sure anymore if these are all, just make sure you update all configs where eth0 is in. - restart the container. That did it for me. Quote Link to comment
chvb Posted August 12, 2015 Share Posted August 12, 2015 I can't access the OpenVPN webUI can someone help me? I tried everything and can't get it to work for some reason. I already edited the variables I just setup the container myself and had the same problem. It turned out that it doesn't play well with bonding. Here's what I had to do make it work: - Setup container as usual - Enter the running container with 'docker exec -i -t <ID> /bin/bash' - Run 'apt-get update && apt-get install sqlite3' - Change to '/config/etc/db' and run 'sqlite3 config.db' - within the sqlite3 shell 'select * from config'. You'll see some records with network interface 'eth0'. - run these queries: UPDATE config SET value = 'bond0' WHERE name = 'admin_ui.https.ip_address'; UPDATE config SET value = 'bond0' WHERE name = 'cs.https.ip_address'; UPDATE config SET value = 'bond0' WHERE name = 'vpn.daemon.0.listen.ip_address'; UPDATE config SET value = 'bond0' WHERE name = 'vpn.daemon.0.server.ip_address'; (not sure anymore if these are all, just make sure you update all configs where eth0 is in. - restart the container. That did it for me. hey bux5aa1Bah, thanks for your solution! This works perfekt for my bond! This Docker Container is awesome! Quote Link to comment
korack Posted August 13, 2015 Share Posted August 13, 2015 Sorry for the late reply, sitting in the only hotel with internet so far on My Summer travels, If the web docent work try port 993 or 443 (check openvpn HomePage) sorry for the wierd autocorrection. Best bet IF web ui docent work is Old config (then clear IT) or the port is already in use (SSH to unraid and do a "PS -aux" And post IT. I bet this post loks like mess sitting on what could be the only iPad in Vietnam, however maby i sould change the default ui port?(same for SSL connections as web ui,or kinda booth works as default) And make the admin name changeable insteead Of "openvpn"?. Best Regards //mace PS. Post or mess the docker log right click and log. I'm having issues with the OpenVPN WebUI. I've cleared the old config, re-installed multiple times. Based on the openvpn.log it seems to be in a continual restart loop. It worked for a couple days prior to failing. I've tried many things including removing and re-downloading with a clean install path. I even tried the SQL commands but it didn't help. I'm not sure I understand what they are trying to change. Any other ideas? Thanks. openvpn.txt Quote Link to comment
macester Posted August 13, 2015 Author Share Posted August 13, 2015 Sorry for the late reply, sitting in the only hotel with internet so far on My Summer travels, If the web docent work try port 993 or 443 (check openvpn HomePage) sorry for the wierd autocorrection. Best bet IF web ui docent work is Old config (then clear IT) or the port is already in use (SSH to unraid and do a "PS -aux" And post IT. I bet this post loks like mess sitting on what could be the only iPad in Vietnam, however maby i sould change the default ui port?(same for SSL connections as web ui,or kinda booth works as default) And make the admin name changeable insteead Of "openvpn"?. Best Regards //mace PS. Post or mess the docker log right click and log. I'm having issues with the OpenVPN WebUI. I've cleared the old config, re-installed multiple times. Based on the openvpn.log it seems to be in a continual restart loop. It worked for a couple days prior to failing. I've tried many things including removing and re-downloading with a clean install path. I even tried the SQL commands but it didn't help. I'm not sure I understand what they are trying to change. Any other ideas? Thanks. Looks like openvpn cant get access to an interface or a port is in use. Is Networktype set to"host" and Privileged ticked? Is anything useing ports, 443 943 1194? ssh and "ps -aux" Are you as the other guys running bonding on your network interfaces? The sql commands change what default interface the openvpn deamon etc listens on, shouldent be needed to fiddle with that thou, not completly sure but think by reconfiguring openvpn-as with the built in script should yield the same results. - Enter the running container with 'docker exec -i -t <ID> /bin/bash' - Run: './usr/local/openvpn_as/bin/ovpn-init' and configure it as you want. //mace Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.