(SOLVED) OpenVPN tunnel to remote network that Unraid can use (not only Docker containers)



Hi all,

 

I wonder if it is possible to create an OpenVPN tunnel that could be used by Unraid, and not only by Docker containers.

 

Indeed, I am currently using SSH to let Unraid connect to my remote backup server, but would like to do that through an OpenVPN tunnel, for security purposes (I don't like having an SSH port opened to the internet on my remote backup server).

 

I tried the dperson/openvpn-client Docker container (https://hub.docker.com/r/dperson/openvpn-client), which succeeds in establishing the tunnel, but it seems it only allows other Docker containers to access the OpenVPN tunnel, whereas in my case I need Unraid to be able to use SSH through the tunnel.

 

Unfortunately, the router on the remote backup server's network has no OpenVPN capabilities, so a router-to-router OpenVPN tunnel is not an option.

 

Any ideas? I would greatly appreciate it.

 

Many thanks.

Best

OP


I underestimated myself because I actually managed to get Unraid to use the Docker container OpenVPN tunnel.

 

Below is how I did it, in case it can help someone. Please let me know if so.

 

Best,

OP

====================

We will assume that:

  • you already have a running OpenVPN server on your remote network
  • you already have a working .ovpn profile to connect to that server
  • you already managed to get the dperson/openvpn-client Docker container up and running with this .ovpn profile
  • the local network is 192.168.100.0/24
  • the remote network is 192.168.200.0/24. 

 

1. Create a new docker network, eg (in the Unraid terminal console):

docker network create --subnet=172.19.0.0/16 openvpntunnel

2. Set the dperson/openvpn-client Docker container's "Network Type" to: "custom : openvpntunnel"

 

3. Set the dperson/openvpn-client Docker container's Fixed IP address to: "172.19.0.100"

 

4. Add a "route" Post Argument to the dperson/openvpn-client Docker container profile, pointing to the local network on which the Unraid machine is:

-r 192.168.100.0/24

 Note that you need to turn on the "advanced view" in the Docker container configuration page in order to set a Post Argument (seems no longer required)

 

5. Add a route to the Unraid Routing Table (in network settings) to access your remote network through the OpenVPN tunnel:

set "192.168.200.0/24" as the "IPv4:nn route"

set "172.19.0.100" as the "Gateway address" 

set "1" as the "Metric"

 

You can now open a terminal in Unraid and try to ping a machine on the remote network (eg: 192.168.200.21) to see if the link is alive.

 

6. Once you have checked that everything works, make the route persistent across reboots by running the following script upon each start of your array (this can easily be done with the excellent "userscripts" plugin by Andrew Zawadzki (@Squid), for example):

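#!/bin/bash
# Short delay before adding the route (the script runs at array start)
sleep 5
# Send traffic for the remote network to the OpenVPN client container
ip route add 192.168.200.0/24 via 172.19.0.100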

 

Edited by Opawesome
marked step 4 as "no longer required" + created step 6: "make route persistent across reboots"
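
The persistence script from step 6, reworked as an added example (not part of the original post): it waits for the container instead of sleeping a fixed time, installs the route idempotently, and then checks with `ip route get` that traffic for the remote network really leaves via the tunnel gateway. It assumes the container answers ping from the host; the `--apply` guard, the function names and the sample outputs are constructed for this example.

```shell
#!/bin/bash
# Added example, not from the original post.
REMOTE_NET="192.168.200.0/24"  # remote network from the post
VPN_GW="172.19.0.100"          # fixed IP of the openvpn-client container
PROBE_IP="192.168.200.21"      # example remote host from the post

# Constructed `ip route get` outputs (interface names and source IPs are made up).
SAMPLE_TUNNEL="192.168.200.21 via 172.19.0.100 dev br-0a1b2c3d4e5f src 172.19.0.1 uid 0"
SAMPLE_DIRECT="192.168.200.21 via 192.168.100.1 dev br0 src 192.168.100.10 uid 0"

# route_uses_gateway ROUTE_TEXT GATEWAY
# Succeeds only if ROUTE_TEXT names GATEWAY as the next hop ("via" field).
route_uses_gateway() {
    nexthop=$(printf '%s\n' "$1" |
        awk '{ for (i = 1; i < NF; i++) if ($i == "via") { print $(i + 1); exit } }')
    [ -n "$nexthop" ] && [ "$nexthop" = "$2" ]
}

# wait_for_gateway GATEWAY TRIES
# Polls once per second until the container answers a ping, instead of a fixed sleep.
wait_for_gateway() {
    tries=$2
    while [ "$tries" -gt 0 ]; do
        ping -c 1 -W 1 "$1" >/dev/null 2>&1 && return 0
        tries=$((tries - 1))
        sleep 1
    done
    return 1
}

# apply_route: install the route idempotently, then confirm the kernel's choice.
apply_route() {
    wait_for_gateway "$VPN_GW" 30 || { echo "gateway $VPN_GW unreachable" >&2; return 1; }
    # "replace" succeeds whether or not the route already exists.
    ip route replace "$REMOTE_NET" via "$VPN_GW" || return 1
    route_uses_gateway "$(ip route get "$PROBE_IP")" "$VPN_GW" || {
        echo "traffic to $PROBE_IP would bypass $VPN_GW" >&2
        return 1
    }
}

# Guard (an assumption of this example) so loading the file changes nothing;
# an array-start script would call apply_route unconditionally.
if [ "${1:-}" = "--apply" ]; then
    apply_route
fi
```

A non-zero exit from `apply_route` means SSH to the backup server should not be started, because the connection would not be going through the tunnel.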