OpenVPN + PIA - Complete Idiots Guide?

  • Good evening all,


    My OMV 4.x box has been purring away quite happily for the last few months, even has it's first storage drive and is actually doing something at last!


    I would like to connect it to my Private Internet Access VPN to use it as a centralised Transmission hub, but I've no idea where to start.


    Does anyone have a complete idiots guide to doing such a thing?


    Thanks in advance.


    Sui

    OMV 4.x - ASUS P10S-X - Xeon E3-1220 v6 - 64GB ECC Crucial DDR4 2400MHz - Syba SI-PEX40064 SATA3 Card - 60GB Kingston SSD Boot Drive - 3x WD RED 4TB

  • Seeing as no one seems to be willing to step forward with the "Complete Idiots Guide to Setting Up OpenVPN On OpenMediaVault", I've had to go ahead & write my own.


    I hope this helps anyone who, like myself, is a Linux novice and a OMV noob.


    • Install OpenVPN on your OMV system, either directly or via SSH
      apt-get install openvpn
    • Download the configuration files for your particular VPN (in my case PIA) using wget, they should be available from your providers website
      Please note that the following URL is for the secure PIA OpenVPN files, if you are not using PIA these will be of no use to you, but I'm leaving the URL in as an example.
      wget https://www.privateinternetaccess.com/openvpn/openvpn-strong.zip
    • In my case, I had to install unzip to extract the contents of the .zip archive
      apt-get install unzip
      I then made a directory to extract the files to
      mkdir ~/<directory_name>
      and extracted with
      unzip <filename>.zip -d ~/<directory_name>
      Your mileage may vary here, as you might have downloaded your OpenVPN configuration files archived in a different way.
    • Change directory to where you just extracted the files to
      cd ~/<directory_name>
    • Copy the .crt and .pem files, as well as the .ovpn file of your choice to /etc/openvpn
      cp <filename>.crt <filename>.pem <filename>.ovpn /etc/openvpn
    • Make a file to store your VPN login information in
      nano /etc/openvpn .secrets
      and enter your username and password into it in order
      <username>
      <password>
      save and exit nano
    • Open the .ovpn file you copied using nano and change the line
      auth-user-pass
      to
      auth-user-pass .secrets
    • Rename the .ovpn file to .conf
      mv <filename>.ovpn <filename>.conf
    • You can test your OpenVPN connection at this point by running
      openvpn --config <your_config>.conf
    • If you want your OpenVPN connection to run at startup, add the following systemd entry
      systemctl enable openvpn@<name_of_your_conf_file>.service
    • Reload systemd
      systemctl daemon-reload
      and start OpenVPN service
      service openvpn start

    Reboot your system, and your OpenVPN connection should automatically start.


    This is my very first tutorial on anything Linux wise, so I hope the format and instructions are clear enough, and I really hope it helps someone out.


    Sui

    OMV 4.x - ASUS P10S-X - Xeon E3-1220 v6 - 64GB ECC Crucial DDR4 2400MHz - Syba SI-PEX40064 SATA3 Card - 60GB Kingston SSD Boot Drive - 3x WD RED 4TB

    Einmal editiert, zuletzt von Sui_Generis ()

    • Offizieller Beitrag

    Unfortunately, i don't use openvpn so I couldn't help. But your instructions look good to me. We appreciate when people write guides like this :)

    omv 7.0-32 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.9 | compose 7.0.9 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • I did something similar, for some reason my searches didn't bring up this thread
    all outgoing traffic goes on the tunnel, everything local stays local. I've quoted the instructions I used from PIA for posterity.


    key words: private internet access, openvpn, transmission, pia


    First I followed the directions at this link https://www.privateinternetacc…mment/33974#Comment_33974 except I didn't run it.



    then I followed the instructions at this link https://www.privateinternetacc…e-start-at-boot-linux-vpn
    it isn't clear but the author intends the file to be in /etc/init.d/ and have it named "vpn" . Because my ovpn file had spaces in the name I copied it to be another easier to use name.



    At first I was going to try to make only certain apps use the VPN and thought that I had to enable the VPN per app but it turns out that once the VPN client is running all outgoing traffic runs on the VPN. I'm good with that.


    Transmission won't work out of the box though you have to hunt for a setting - Micro Transport Protocol (µTP) ---- Enable µTP. should be disabled.


    to test if my VPN was working I did two things.


    from the command line I did wget http://wtfismyip.com/text this downloads a text with the ip address used to connect.


    then I went to https://torguard.net/checkmytorrentipaddress.php, grabbed the magnetic link and uploaded it to Transmission. This will tell you the IP address Transmission is using.

  • How hard would it be to make a module out of this?
    it would have to do the following;

    • install open-vpn
    • download and extract all the conf files from PIA (i imagine other providers may be similar)
    • store the user pass in a txt file
    • modify selected config file to point to the user/pass file (change 2 lines) (i would copy the selected file naming it something friendly and modify that)
    • create the shell script to run the vpn software with the selected config file
    • be able to turn off/disable/uninstall the vpn software
    • test the connection (use wget http://wtfismyip.com/text and display the text).
  • I take this old post for a question:

    I have OMV5 on my server and I installed on the docker Nextcloud.
    With DUCKDNS I can access on my Nextcloud everywhere, my question is If I can I install OpenVPN as say Sui_Generis in the second post and continue to use nextcloud with DuckDNS or I must use another way to install OpenVPN?
    Thanks and sorry for my bad english

    • Offizieller Beitrag

    Nextcloud and a VPN tunnel should not be incompatible, unless ports collide.

    I have had both installed for over a year.

  • Nextcloud and a VPN tunnel should not be incompatible, unless ports collide.

    I have had both installed for over a year.

    I searched on web and I see that OpenVPN use 1194 UDP and 443 TCP ports; Nextcloud use the same 443 port for https, it's possible that the conflict is this?

    If yes, how I can change the OpenVPN ports?

    Thanks and ciao

    • Offizieller Beitrag

    I searched on web and I see that OpenVPN use 1194 UDP and 443 TCP ports; Nextcloud use the same 443 port for https, it's possible that the conflict is this?

    If yes, how I can change the OpenVPN ports?

    I was surprised that you say that OpenVPN uses port 443, so I googled it.

    The usual OpenVPN port is 1194. I just saw that one hiding technique for an OpenVPN tunnel is to route it through port 443. But this is rare, not what is normally done.

    OpenVPN can actually be forwarded on whatever port you want, so it doesn't have to collide with Nextcloud.

    I don't use OpenVPN, I use Wireguard. But the operation is similar, the tunnel is routed in the port that you want.

    As for Nextcloud, if you want to access from WAN with a certificate like let's encrypt for example, you will need port 80 and 443 invariably.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!