tyrindor Posted December 10, 2016 Share Posted December 10, 2016 For the record I set up the netgear R7000 router openVPN too, headache free very easy guide. Still 2MB/s. So I have no clue what it could possibly be. I connected to two windows 10 PCs, both with 6700k processors and high end intel NICs. There absolutely must be some setting that everyone changes because clearly this can't be on my end. Either that or one of our ISPs is throttling us, or a router is causing problems. Quote Link to comment
CHBMB Posted December 10, 2016 Share Posted December 10, 2016 For the record I set up the netgear R7000 router openVPN too, headache free very easy guide. Still 2MB/s. So I have no clue what it could possibly be. I connected to two windows 10 PCs, both with 6700k processors and high end intel NICs. There absolutely must be some setting that everyone changes because clearly this can't be on my end. Either that or one of our ISPs is throttling us, or a router is causing problems. If with a completely different device gives the same output, why do you think it's a problem with the OpenVPN config? Quote Link to comment
tyrindor Posted December 10, 2016 Share Posted December 10, 2016 For the record I set up the netgear R7000 router openVPN too, headache free very easy guide. Still 2MB/s. So I have no clue what it could possibly be. I connected to two windows 10 PCs, both with 6700k processors and high end intel NICs. There absolutely must be some setting that everyone changes because clearly this can't be on my end. Either that or one of our ISPs is throttling us, or a router is causing problems. If with a completely different device gives the same output, why do you think it's a problem with the OpenVPN config? Well give me some ideas what it could be... Both ISPs claim they don't throttle VPN (they offer gigabit with zero bandwidth caps, so doubtful they throttle anything). One router is a NETGEAR R7000 (very popular router), and the other is a pfsense router (very popular as well). Both have overkill processors. I have no idea what else it could possibly be, and it seems no one else has this problem or everyone is OK with <2MB/s transfers. Is there some other way to test our speed to each other outside of VPN? Should I try getting rid of the routers and doing a single direct connection to 1 computer on each network? Quote Link to comment
CHBMB Posted December 10, 2016 Share Posted December 10, 2016 Well give me some ideas what it could be... I can't if I could I would have... Both ISPs claim they don't throttle VPN (they offer gigabit with zero bandwidth caps, so doubtful they throttle anything). One router is a NETGEAR R7000 (very popular router), and the other is a pfsense router (very popular as well). Both have overkill processors. I have no idea what else it could possibly be, and it seems no one else has this problem or everyone is OK with <2MB/s transfers. fwiw I haven't heard of anyone else with a similar problem, either on this thread or our IRC chatroom. I wouldn't be ok with <2MB/s either. Is there some other way to test our speed to each other outside of VPN? Should I try getting rid of the routers and doing a single direct connection to 1 computer on each network? If either of you run a webserver that might help test speeds by downloading files from each other? Quote Link to comment
tyrindor Posted December 10, 2016 Share Posted December 10, 2016 Well i've seen multiple complaints on pfsense forums about openvpn speeds, the issue was fixed by adjusting a setting which was later forced by default and removed from the settings. I'm guessing it really wasn't, so in a couple hours we will do a direct connection on his end to ensure it's not his overly complex router. If that doesn't fix it, we'll be calling ISPs and push harder because that's the only thing left it could possibly be. It can't be a direct port throttle either, the NETGEAR's OpenVPN uses entirely different ports than OpenVPN-AS. Quote Link to comment
SpaceInvaderOne Posted December 10, 2016 Share Posted December 10, 2016 So you are getting 2 MB/s transfers. So the server which is uploading the file is doing so at 16 Mbps. Is this file coming from his server to yours at this speed or from your server to his. 1. Do you both have gigabit internet. 2. If so is it the same ISP 3. When you test Is it the same speed both ways from his server to your server. And from your server to his server ? And would i be ok with 2MBS yes my fiber is only 38mbps (4.75MBS ) down and 10mbps (1.25MBS) up Quote Link to comment
tyrindor Posted December 10, 2016 Share Posted December 10, 2016 So you are getting 2 MB/s transfers. So the server which is uploading the file is doing so at 16 Mbps. Is this file coming from his server to yours at this speed or from your server to his. 1. Do you both have gigabit internet. 2. If so is it the same ISP 3. When you test Is it the same speed both ways from his server to your server. And from your server to his server ? And would i be ok with 2MBS yes my fiber is only 38mbps (4.75MBS ) down and 10mbps (1.25MBS) up We tried both ways. 1. I have 1000/500, he has 1000/25 (His upload shouldn't affect us when files are coming from my server, going to his?) 2. No, he lives in 20 miles out of town with a "very" small local ISP. 3. Yes I contacted some help from someone who knows VPNs and he remoted in. Getting 2MB/s to him as well. Tried direct connection with no routers on both ends. Tried VPN hosted on unRAID, as well as VPN hosted on router. Every single test results in roughly 2MB/s. He said it's unfixable and due to bad routing between our houses as well as his house. Seems unlikely, but I am out of ideas and that one makes the most sense. We have about 130TB of data each that we want to share with each other, so 2MB/s just won't cut it... guess we'll be stuck with external hard drives and driving 20 miles to share data... Quote Link to comment
SpaceInvaderOne Posted December 10, 2016 Share Posted December 10, 2016 So you are getting 2 MB/s transfers. So the server which is uploading the file is doing so at 16 Mbps. Is this file coming from his server to yours at this speed or from your server to his. 1. Do you both have gigabit internet. 2. If so is it the same ISP 3. When you test Is it the same speed both ways from his server to your server. And from your server to his server ? And would i be ok with 2MBS yes my fiber is only 38mbps (4.75MBS ) down and 10mbps (1.25MBS) up We tried both ways. 1. I have 1000/500, he has 1000/25 (His upload shouldn't affect us when files are coming from my server, going to his?) 2. No, he lives in 20 miles out of town with a "very" small local ISP. 3. Yes I contacted some help from someone who knows VPNs and he remoted in. Getting 2MB/s to him as well. Tried direct connection with no routers on both ends. Tried VPN hosted on unRAID, as well as VPN hosted on router. Every single test results in roughly 2MB/s. He said it's unfixable and due to bad routing between our houses as well as his house. Seems unlikely, but I am out of ideas and that one makes the most sense. We have about 130TB of data each that we want to share with each other, so 2MB/s just won't cut it... guess we'll be stuck with external hard drives and driving 20 miles to share data... Umm yeah, you would think transferring from you to him it should be way better with that upload speed Have you tried testing what kind of speeds do you get transferring files in another way. Maybe using a file transfer with TeamViewer or Splashtop desktop to compare? Quote Link to comment
ent44 Posted December 11, 2016 Share Posted December 11, 2016 I've setup openVPN but I cannot acces my webui (host and privilged are on), is there a way to acces it but have my server on bonded lan connections? Do I NEED to unbond them and connect it to eth0 to use openVPN? Quote Link to comment
06ankara Posted December 11, 2016 Share Posted December 11, 2016 I've setup openVPN but I cannot acces my webui (host and privilged are on), is there a way to acces it but have my server on bonded lan connections? Do I NEED to unbond them and connect it to eth0 to use openVPN? I had same issue. After change it to bridge i can see the web gui. Quote Link to comment
wgstarks Posted December 11, 2016 Share Posted December 11, 2016 I've setup openVPN but I cannot acces my webui (host and privilged are on), is there a way to acces it but have my server on bonded lan connections? Do I NEED to unbond them and connect it to eth0 to use openVPN? This might help http://lime-technology.com/forum/index.php?topic=43317.msg469975#msg469975 If you search the thread there is some discussion of this in a few places. Quote Link to comment
tyrindor Posted December 11, 2016 Share Posted December 11, 2016 So you are getting 2 MB/s transfers. So the server which is uploading the file is doing so at 16 Mbps. Is this file coming from his server to yours at this speed or from your server to his. 1. Do you both have gigabit internet. 2. If so is it the same ISP 3. When you test Is it the same speed both ways from his server to your server. And from your server to his server ? And would i be ok with 2MBS yes my fiber is only 38mbps (4.75MBS ) down and 10mbps (1.25MBS) up We tried both ways. 1. I have 1000/500, he has 1000/25 (His upload shouldn't affect us when files are coming from my server, going to his?) 2. No, he lives in 20 miles out of town with a "very" small local ISP. 3. Yes I contacted some help from someone who knows VPNs and he remoted in. Getting 2MB/s to him as well. Tried direct connection with no routers on both ends. Tried VPN hosted on unRAID, as well as VPN hosted on router. Every single test results in roughly 2MB/s. He said it's unfixable and due to bad routing between our houses as well as his house. Seems unlikely, but I am out of ideas and that one makes the most sense. We have about 130TB of data each that we want to share with each other, so 2MB/s just won't cut it... guess we'll be stuck with external hard drives and driving 20 miles to share data... Umm yeah, you would think transferring from you to him it should be way better with that upload speed Have you tried testing what kind of speeds do you get transferring files in another way. Maybe using a file transfer with TeamViewer or Splashtop desktop to compare? I just tested FTP and it's the same issues. The catcher? If I enable multi-part connections using CuteFTP it maxes the connection out on his side. So the bandwidth is there, but I need to use multi-connections to achieve it. Does this provide any insight on what the problem could be? I'd rather use VPN than FTP. Quote Link to comment
ent44 Posted December 11, 2016 Share Posted December 11, 2016 I've setup openVPN but I cannot acces my webui (host and privilged are on), is there a way to acces it but have my server on bonded lan connections? Do I NEED to unbond them and connect it to eth0 to use openVPN? I had same issue. After change it to bridge i can see the web gui. Damn it worked... Should've tried that myself, thanks mate Sent from my SM-G935F using Tapatalk Quote Link to comment
alaw005 Posted December 11, 2016 Share Posted December 11, 2016 I have installed openvpnas using the Community Applications in unRaid 6.2 but it didn't work. As least not until I found out that I needed to add an additional environment variable INTERFACE and set to bond0. Can you please update the unRAID template to include this environment variable? I also note there is no documentation (that I could find) on how to actually install in unRaid. Its really hard when you have to scrawl through pages and pages of the community forum to find anything out. Quote Link to comment
SpaceInvaderOne Posted December 11, 2016 Share Posted December 11, 2016 I have installed openvpnas using the Community Applications in unRaid 6.2 but it didn't work. As least not until I found out that I needed to add an additional environment variable INTERFACE and set to bond0. Can you please update the unRAID template to include this environment variable? I also note there is no documentation (that I could find) on how to actually install in unRaid. Its really hard when you have to scrawl through pages and pages of the community forum to find anything out. I did a video guide for this a few posts up, although it doesn't mention to add that variable for bonded connections! Remember the guys who give us these dockers etc do so in their spare time. They may not have hardware configs set up in the same way, as some of us may. ie bonded connections etc. So they can't test all conditions. As such these things can easily get overlooked, which is probably why it's not in the template. I know that some devs don't even use the dockers for their own daily use, they just convert them for us to use in unRAID. Sometimes if you can't find the info you need in the threads for the docker, then its worth posting in and checking the official forums for that particular application Quote Link to comment
sparklyballs Posted December 11, 2016 Share Posted December 11, 2016 I have installed openvpnas using the Community Applications in unRaid 6.2 but it didn't work. As least not until I found out that I needed to add an additional environment variable INTERFACE and set to bond0. Can you please update the unRAID template to include this environment variable? I also note there is no documentation (that I could find) on how to actually install in unRaid. Its really hard when you have to scrawl through pages and pages of the community forum to find anything out. The variable is not in the template, but it's clearly stated on our github readme for the container, and there is a handy github link in the OP for this image, and all our LT forum support posts for our images contain the relevant links back to github in the first post. Quote Link to comment
alaw005 Posted December 12, 2016 Share Posted December 12, 2016 Thank you for your replies. I understand that its all voluntary and I do appreciate the developers time, sorry if it came across otherwise. Its as much frustration with my own lack of understanding - I'm still getting my head around the interface of Dockers vs unRaid templates etc. I wish I knew more and was able to contribute myself. Quote Link to comment
trurl Posted December 12, 2016 Share Posted December 12, 2016 Thank you for your replies. I understand that its all voluntary and I do appreciate the developers time, sorry if it came across otherwise. Its as much frustration with my own lack of understanding - I'm still getting my head around the interface of Dockers vs unRaid templates etc. I wish I knew more and was able to contribute myself. Basically, a template is just a way of saving the stuff you put in the Add/Update Container form, and the stuff in the Add/Update Container form is just a way of specifying what to put in the docker run command. The docker service takes care of the rest in the standard docker ways. Quote Link to comment
werfsd Posted December 18, 2016 Share Posted December 18, 2016 This was very helpful, thanks. That being said, if you follow these simple rules then I think you are safe: 1. Do not expose the Connect or Admin interfaces to the Internet. There is literally no need to open these interfaces to the internet in the majority of cases. You're a home user (I imagine, as are the majority of those who use unRAID) and you can access these interfaces on your LAN to configure / download config files. 2. Use UDP protocol on port 1194 (or other) only for VPN access. When TCP mode is chosen for the VPN Server protocol, the VPN Server can optionally provide access to these services through its IP address and port. You don't want to do this or forget that its set. So just don't enable it. These settings are however maintained across updates. 3. Update your Container carefully. If you are really worried, before you update the Container: disable your port forwarding, have a terminal session open with the command ready to execute. If you are even more worried you could have your unRAID server (along with any configuring client) on a dedicated switch so you can isolate other local clients from being able to access the unRAID server for that period of time. I want to add that #3 is way OTT IMHO but #1 and #2 should be followed to maintain security. I don't run in an environment where LAN clients are not trusted (in that I would never expect someone on the LAN side to maliciously "hack" into the OpenVPN-AS interfaces in the short time they are open when I upgrade). Therefore #3 is not something I really thought about until your question. I would suggest that most unRAID users (without getting Philosophical about it) would consider their LAN secure. Anyway, in summary, not that much of an issue IMHO. Quote Link to comment
ario24 Posted January 3, 2017 Share Posted January 3, 2017 Hi, I need help, I can not see the web interface, thanks for the help Log_for__openvpn-as.txt Quote Link to comment
Shamalamadindong Posted January 3, 2017 Share Posted January 3, 2017 So what actually happens when you try to open it? 404? 500? Quote Link to comment
ario24 Posted January 3, 2017 Share Posted January 3, 2017 just says "Can not access this site" ip Reject connection. Quote Link to comment
CHBMB Posted January 3, 2017 Share Posted January 3, 2017 just says "Can not access this site" ip Reject connection. You're gonna need to be a lot more descriptive, what address you trying to access? What steps have you done before this? Anything special about your network setup, is it bonded or anything? Quote Link to comment
ario24 Posted January 4, 2017 Share Posted January 4, 2017 Thank you very much for the help, bonding was enable. Quote Link to comment
jcreynoldsii Posted January 11, 2017 Share Posted January 11, 2017 I went from having this setup and working to not, and this is the only thing that I can find in the docker log. I ran new permissions this didnt work. Any ideas? ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied ./run: line 3: /config/scripts/openvpnas: Permission denied Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.