openvpn access and multiple ip addresses


Recommended Posts

Ok, quick background.   My isp is very particular regarding sonarr, radarr and the likes, thus i have a VPN susbscription that runs through a seperate mini pc with gateway ip as 192.168.1.1 .   My unraid server has an ip of 192.168.1.4 and connects to the internet through the vpn gateway at 192.168.1.1 .   My router provides standard access (no vpn) for normal browsing but on a seperate subnet (192.168.5.1) and has dhcp server enabled (192.168.5.2-254).  both the vpn gateway and router are on the same switch so I can connect to the unraid box from my 192.168.5.* computers.   (this is needed for my kodi shares).   

 

now the question.   I want to enable an openvpn-as docker to allow me to connect to the unraid box and subsequent shares/dockers when away.    Is that possible given the openvpn server would have to have a seperate ip (192.168.5.*) in order to pass the ports from the router to it.  I only have a single NIC in the server.

 

Is this only possible if I install a second NIC and connect that to the switch also?  

Link to comment

How many IP address does your Unraid server have?

and how are your PC:s on the 192.168.5.x network reaching Unraid? Do they access it directly? or is there another IP not mentioned here?

 

As a quick general point. An OpenVPN-AS container can share IP with the Host (Bridged or Host network mode), so the router can just port forward those ports. However, if the ports you want to use are already in use (80 and 443 comes to mind) or the app dynamically opens ports (thus needing its own IP) a single NIC and a switch without VLAN support, will give you containers running on their own IP, but are blocked from talking to the Host.

Link to comment
On 7/18/2019 at 9:48 AM, ken-ji said:

How many IP address does your Unraid server have?

and how are your PC:s on the 192.168.5.x network reaching Unraid? Do they access it directly? or is there another IP not mentioned here?

 

As a quick general point. An OpenVPN-AS container can share IP with the Host (Bridged or Host network mode), so the router can just port forward those ports. However, if the ports you want to use are already in use (80 and 443 comes to mind) or the app dynamically opens ports (thus needing its own IP) a single NIC and a switch without VLAN support, will give you containers running on their own IP, but are blocked from talking to the Host.

I may need to rethink my ip layout.  I need the radarr/sonarr/deluge Dockers behind the VPN, but my other devices should not be behind it for streaming access....   Have to think about this...

Link to comment
19 minutes ago, coolasice1999 said:

I may need to rethink my ip layout.  I need the radarr/sonarr/deluge Dockers behind the VPN, but my other devices should not be behind it for streaming access....   Have to think about this...

Binhex's VPN enabled Deluge container has privoxy built in, so you can accomplish what you want with no extra effort or reorganization needed.

Link to comment
1 hour ago, coolasice1999 said:

How do i set up radarr's proxy settings to work?  i have it connecting to deluge just fine, but can't get it to use the proxy to access the web?

Settings, general, proxy settings. This assumes you've tested the privoxy with a browser, when you point the browser to one of the many IP testing sites you should show the same IP as delugevpn is getting for its VPN.

Link to comment
18 hours ago, jonathanm said:

Settings, general, proxy settings. This assumes you've tested the privoxy with a browser, when you point the browser to one of the many IP testing sites you should show the same IP as delugevpn is getting for its VPN.

Got it all working....  delugevpn gets noticeably slower transfer speeds then using regular deluge and my pfsense openvpn client (I am using a port forwarding capable endpoint).  Any tips to improve speeds?

Link to comment
7 hours ago, coolasice1999 said:

Got it all working....  delugevpn gets noticeably slower transfer speeds then using regular deluge and my pfsense openvpn client (I am using a port forwarding capable endpoint).  Any tips to improve speeds?

There are several discussions about that in the delugevpn support thread. Long story short, there may be some settings that could improve things for you, but I don't think they are directly exposed in the interface, and / or you need to make changes in the vpn config file.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.