Openvpn


cawk

Recommended Posts

Hello i am trying to setup openvpn on unraid 6.6.5

 

to access the webui i have to disable bonding in network settings otherwise i get refused to connect

 

however this is fine but when i try to access from my external ip address it also says refuse to connect

 

i have forwarded the port and even used my plex port as i knew this one was working properly (of course i stopped plex)

but as soon as i put the port for openvpn it refuses to connect

 

any ideas?

Link to comment

IMHO, you should run openvpn on something external to unraid. I use OVPN running on my firewall to access my internal network. No issues connecting to unraid that way, and bonding is enabled. If you want to do any maintenance tasks to unraid remotely, it won't work when OVPN gets taken down everytime the array goes offline.

Edited by DarkKnight
Link to comment
16 minutes ago, DarkKnight said:

IMHO, you should run openvpn on something external to unraid. I use OVPN running on my firewall to access my internal network. No issues connecting to unraid that way, and bonding is enabled. If you want to do any maintenance tasks to unraid remotely, it won't work when OVPN gets taken down everytime the array goes offline.

This is good, but there are situations where having a VPN server on unraid IN ADDITION to your firewall can be advantageous. I agree you need a secure channel external to unraid for management and as a backup, but not everyone runs a full workstation power pfsense or similar firewall, and VPN throughput can be very limited by the CPU and RAM on consumer routers. Running an additional VPN tunnel using your server's CPU and RAM can mean much higher speeds are available.

 

I personally have a pfsense VM on unraid for speed, but when it's unavailable my ancient VIA C7 based low power pfsense takes over routing duties.

Link to comment

I never considered the case where you'd want to run two instances of OVPN inside the same network. I do run pfSense on a 2nd larger server, and I'm actually in the process of migrating to untangled on it's own box so I can shut down the larger server when it's not needed to save on power (~25w vs ~250w). The box I'm migrating to should hopefully support decent speeds.

 

Edit: Ugh, now you've got me looking at getting a new CPUs that supports AES-NI for the 'low power' box. Way to help me save money @jonathanm😂

Edited by DarkKnight
Link to comment
1 hour ago, DarkKnight said:

Ugh, now you've got me looking at getting a new CPUs that supports AES-NI for the 'low power' box.

That was EXACTLY why I spent the time to get my primary pfsense migrated to an unraid VM. I'm too cheap to build a proper standalone when my old VIA is still functional, albeit for a limited time now. Eventually I'll be forced to upgrade my backup, I'm counting on cheaper prices when that time actually arrives.

Link to comment
2 minutes ago, DarkKnight said:

It's like $25 for a cpu that fits my board and supports AES-NI. After Christmas, I'll scrape up the cash for it. If I can keep the larger server off for about 40 days next year, it'll pay for it in energy savings.

Man, I wish it was that cheap for me. The jetway mini-itx board in my system isn't upgradeable, so I'm needing a dual GB mini-itx board, preferably one that will fit in my sealed case (Solid Logic GS-L05) and interface with the existing heatpipe.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.