Setup OMV as a VPN Client

  • From what I can tell the OpenVPN plugin is used to make a secure connection INTO OMV but what I want to do is connect my OMV install to utilize my VPN provider.


    On the arch desktop this was easy as I just clicked on network>vpn>add connection.


    On OMV I am not confident in what I am supposed to do nor are my searches pulling up anything other than OpenVPN setups.


    Thanks!

  • Your VPN provider should have instructions available to configure your machine as a client to connect to their network. So long as OMV has a suitable client program, this should be no problem, but you will probably have to configure it by hand.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

  • So what I did was:


    1. ssh into the box
    2. wget the openvpn file
    3. openvpn --config 'openvpnconfig.opvn'


    Connected and asked for my username and password.


    This is OK but not ideal as every time it restarts id have to do this and I believe I have to keep the terminal/ssh connection open.


    Still digging but progress is being made.

  • Do you intend to use your NAS as a gateway?
    If so, you have also to deal with routing to pass the internet traffic from and to you local network.
    I'm using my NAS as a gateway because my TP-Link routers are just too slow to deal with 256-Bit AES encryption.


    However, you have to create a client.conf which could look like this:

    The path after auth-user-pass defines a file where you username and password is stored.

  • The NAS is the only device to be 100% on the VPN at all times.


    The client.conf is neat but I don't see where/how I would set this command [openvpn --config 'openvpnconfig.opvn'] to be run all times and when it asks for the username/password where I would point it to the client.conf.


    Thanks everyone for the help!

  • I assumed you would start openvpn as a service.
    OpenVPN should use the client.conf under /etc/openvpn/client.conf by default. My VPN configuration (*.opvn file) is also under /etc/openvpn/.

    • Offizieller Beitrag

    If this is omv3 the place openvpnconfig.ovpn file in /etc/openvpn/ folder


    And rename it to openvpnconfig.conf


    Run


    systemctl enable openvpn@openvpnconfig.service


    Reboot see if it running now at start


  • My server @hetzner runs a pfSense and my local lan connects to it via Fritzbox IPsec VPN. But 7490 FB are slow stuff. Dual core with no core spanning the vpn makes a max of 8mbyte/s, it would be oky on a 16/2 DSL but my DSL offers 100/40 so I would like to have the 100 due to the backups I suck from machines in the @hetzner lan. Currently I backup 1 machine a night, and it runs most of the night.


    So I want to move my VPN bridge from FritzBox to my OMV Server (a HP ProLiant Micro Gen 8 pimped to the max) where the VPN Service does have a much thicker power bucket to draw from. And the machine @hetzner is almost in idle 23,5h/day.... IMHO it makes sense to move that bridge endpoint from the FB to OMV.


    I did:


    on my pfSense @hetzner I registerd a oVPN Server with certs and created a user for the OMV. (following the pfSense2android guide on got-tty.org,as i was doing it for my android in the first place) Android device works fine pings go through from @hetzner local lan to vpn device and I have my extension from my Freepbx working proberly on my android now.


    created an .ovpn file in pfSense


    safe it to /etc/openvpn (not in the tempting sub dir named "client"! it needs to be in /etc/openvpn)


    renamend it to: "OMV2host.conf"


    executed: "systemclt enable openvpn@OMV2host.service && systemcl start openvpn@OMV2host.service && systemctl status openvpn@OMV2host.service"


    got some minor red flags for not supported DNS settings.


    So now I have static routes on the OMV to my vpn site (pushed by the server)


    from the cli of OMV I sucessfully pinged the pfSense (vpn server) and also the machines in the lan the pfSens runs locally. (both ways back and forth between the @hetzner local lan and the OMV sucessfully)


    But I cant access the pfSense from a Virtualbox Machine on OMV...?
    I cant load the web page of the pfSense from anything attached to the OMV.


    Traceroute brings up asterisks (*) after the pfSense what ever I trace.


    I added routes in my local fritzbox for the vpn network pointing to the OMV


    I cant ping thos networks from any local client.



    Sitting in bed beiing sick and changing simple stuff is no good idea, help me please, what am I missing?


    Thanks

  • i found this guid


    https://s55ma.radioamater.si/2…tworks-behind-vpn-client/


    this did the trick....


    Bash
    sysctl -w net.ipv4.ip_forward=1
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


    edit:


    just remember if you use eth0 or bond0, it stalled me, until i searched for tun2bond and rememberd i did copy paste eth instead of bond....


    so actually its this.

    Code
    sysctl -w net.ipv4.ip_forward=1
        iptables -t nat -A POSTROUTING -o bond0 -j MASQUERADE
        iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

    Question is: how do i make it sticky.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!