OpenVPN Setup

  • Hi all,


    I've had my RaspberyPi running OMV4 for a while. Recenty the OpenVPN plugin got released, and I'd like to use it to access my NAS even when I'm not connected to my own network.


    I've managed to setup the OpenVPN plugin, however, I'm struggling with the right configuration. I have already check most of the tutorials and posts, but I can't figure it out. This is my first time setting up a VPN connection to my own network, so I'd appreciate the help as I can't seem to figure out the correct DNS settings.


    What I've done so far:


    • Enabled OpenVPN in OMV, local IP 192.168.0.8 (fixed)
      • VPN address 10.8.0.0
      • mask 255.255.255.0
      • PAM authentication off
      • DNS server: no idea
      • public address: No-IP hostname
    • Opened port 1194 on my router (TP-Link TL-WR840N)
    • Requested No-IP DDNS hostname
    • Exported certificate from OMV and opened with OpenVPN


    However, I get the following OpenVPN output:


    Sun May 20 15:39:28 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]94.209.48.38:1194
    Sun May 20 15:39:28 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Sun May 20 15:39:28 2018 UDP link local: (not bound)
    Sun May 20 15:39:28 2018 UDP link remote: [AF_INET]94.209.48.38:1194
    Sun May 20 15:39:28 2018 MANAGEMENT: >STATE:1526823568,WAIT,,,,,,

    "Goats are like mushrooms, if you shoot a duck, I'm scared of toasters."


  • I used the same Settings for the setup as you did.
    Can you access OMV via the DNS Name?
    Did you replace the sample OpenVPN config with your personal? You can also Check it with any editor.

  • I'm omv4 new user and I installed OpenVPN plug-in 4.0 and when I want to change settings every time I click save i get this message:


    Missing 'required' attribute 'gateway_interface' , because cannot set any value in the required field


    What is going wrong and how can I fix it?


    Thanks

  • You have to choose a gateway interface. Normally your gateway should be displayed. Where did you install OMV on? A selfmade nas? On a virtual machine?

  • I used the same Settings for the setup as you did.
    Can you access OMV via the DNS Name?
    Did you replace the sample OpenVPN config with your personal? You can also Check it with any editor.

    No, I can't access OMV via the DNS name. How would I do that?
    Should the IP of my RaspberryPi match the DNS input?

    "Goats are like mushrooms, if you shoot a duck, I'm scared of toasters."

  • I had the same problem with running OpenVPN in OMV on a ODROID XU4. Same output in OpenVPN client status window. Eventually it timed out and generated -amongst other- the following message:



    TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)



    After some research I found the probable cause of my particular problem to be in the server side server.conf file in /etc/openvpn.



    In the file there were 2 lines that in my opinion did not make sense:



    push "route 169.254.0.0
    192.168.2.0 255.255.255.0"



    After making a backup (cp server.conf server.conf.org) and changing the two lines into one single line:



    push "route 10.8.0.0 255.255.255.0"



    followed by restarting openvpn (service restart openvpn) it worked immediately.



    An additional problem is that after making a change to the OpenVPN settings in the GUI and saving this change, the 2 lines that caused the problem are back in the server.conf file.



    It seems that the 'VPN network' settings in the GUI are not properly translated into the appropriate statements in server.conf.



    As long as I don't make any change and save any of the settings in the OpenVPN GUI everything is working perfectly all right. And if I do make a change then I have to correct (or copy back) server.conf.



    I am sure this will be fixed in a future version of the OpenVPN plugin.

  • Thanks. It works for me.

  • After updating the OpenVPN plugin from 4.0.1 to 4.0.3, OpenVPN stopped working with exactly the same symptoms as described earlier. Perhaps the problem already returned in 4.0.2, I don't know, I haven't used OpenVPN for a while.


    Environment today is Odroid XU4 with OMV 4.1.19-1 and OpenVPN plugin 4.0.3, the latest as of 10-02-2019.


    The difference now is that when I enter in the GUI:


    VPN network 10.8.0.0 / 255.255.255.0


    the expected line:


    push "route 10.8.0.0 255.255.255.0"


    shows up in /etc/openvpn/server.conf. In version 4.0.1 this line was not added.



    However, the 2 lines that were part of the original problem (for me) were there again:



    push "route 169.254.0.0
    192.168.2.0 255.255.255.0"


    Fix: To get OpenVPN running as before I just deleted these 2 lines and restarted the OpenVPN service: service openvpn restart.


    It seems that after the recent OpenVPN plugin updates for Odroid XU4 now the correct push statement is added while at the same time the incorrect push statement is added again.



    These are just my observations and as usual there is proably a lot more behind it.


    Best regards

  • After updating OMV itself to currently the latest 4.1.21-1 I found the problem being reintroduced. Perhaps not an OpenVPN plugin problem??
    Fixed it as mentioned before by deleting 2 lines from /etc/openvpn/server.conf and restarting the OpenVPN service: service openvpn restart.



    Best regards

  • Hi Zwei.
    I was wondering if you have managed to make the plugin work.
    I could not make a vpn connection with my Phone via the OpenVPN App.


    What I've done so far:

    • Enabled OpenVPN plugin in OMV, local fixed IP 192.168.0.64

      • General Settings

        • Port 1194
        • Protocol UDP
        • Use compression ON
        • PAM authentification OFF
      • VPN network

        • Address 10.8.0.0
        • Mask 255.255.255.0
        • Gateway eth0
        • Default gateway ON
        • Client to Client OFF


    • Created a user certificate in the plugin and downloaded it.
    • Port forwarding on my router:

      • External Port 1194 to 192.168.0.64 Local Port 1194 Protocol: UDP
    • Installed OpenVPN App on iPhone.
    • Copied the .ovpn file into the Documents folder of the app. (Via iTunes as recommended)

    I can see the profile in the app:
    OpenVPN Profile
    http://mysubdomain.duckdns.org


    However when I try to connect the error occurs:
    There was an error attempting to connect to the selected server

  • I have a problem with setup OpenVPN server. The server has two eth interface LAN and WAN.
    my config



    in ccd dir (for users that need access to LAN only) I have

    Code
    push "route 192.168.0.0 255.255.0.0"  // LAN interface

    (for users that need access to LAN WAN)


    Code
    push "redirect-gateway def1 bypass-dhcp"
    push "route xxx.xxx.xxx.xxx 255.255.255.240" // WAN interface

    I`m successfully connected to server but can`t any access to LAN behind the SERVER (the SERVER is not Gateway in my LAN, Gateway is 192.168.3.1) nor from first no second user. Second user has WAN access only with host resolving.


    What I do wrong, how lets server make users to access LAN?

  • I think I have the same problem (access to the OMV server throught openvpn ok, but no access to other machines on the lan... my omv server beeing 192.168.0.57, my router 192.168.0.1). Can you elaborate more on your solution?

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!