Setup OMV as a VPN Client

  • From what I can tell the OpenVPN plugin is used to make a secure connection INTO OMV but what I want to do is connect my OMV install to utilize my VPN provider.

    On the arch desktop this was easy as I just clicked on network>vpn>add connection.

    On OMV I am not confident in what I am supposed to do nor are my searches pulling up anything other than OpenVPN setups.


  • Your VPN provider should have instructions available to configure your machine as a client to connect to their network. So long as OMV has a suitable client program, this should be no problem, but you will probably have to configure it by hand.

    Google is your friend and Bob's your uncle!

    OMV AMD64 5.x on ASRock Rack C2550D4I C0 Stepping - 16GB ECC - Silverstone DS380 + Silverstone DS380 DAS Box.

  • So what I did was:

    1. ssh into the box
    2. wget the openvpn file
    3. openvpn --config 'openvpnconfig.opvn'

    Connected and asked for my username and password.

    This is OK but not ideal as every time it restarts id have to do this and I believe I have to keep the terminal/ssh connection open.

    Still digging but progress is being made.

  • Do you intend to use your NAS as a gateway?
    If so, you have also to deal with routing to pass the internet traffic from and to you local network.
    I'm using my NAS as a gateway because my TP-Link routers are just too slow to deal with 256-Bit AES encryption.

    However, you have to create a client.conf which could look like this:

    The path after auth-user-pass defines a file where you username and password is stored.

  • The NAS is the only device to be 100% on the VPN at all times.

    The client.conf is neat but I don't see where/how I would set this command [openvpn --config 'openvpnconfig.opvn'] to be run all times and when it asks for the username/password where I would point it to the client.conf.

    Thanks everyone for the help!

  • I assumed you would start openvpn as a service.
    OpenVPN should use the client.conf under /etc/openvpn/client.conf by default. My VPN configuration (*.opvn file) is also under /etc/openvpn/.

  • My server @hetzner runs a pfSense and my local lan connects to it via Fritzbox IPsec VPN. But 7490 FB are slow stuff. Dual core with no core spanning the vpn makes a max of 8mbyte/s, it would be oky on a 16/2 DSL but my DSL offers 100/40 so I would like to have the 100 due to the backups I suck from machines in the @hetzner lan. Currently I backup 1 machine a night, and it runs most of the night.

    So I want to move my VPN bridge from FritzBox to my OMV Server (a HP ProLiant Micro Gen 8 pimped to the max) where the VPN Service does have a much thicker power bucket to draw from. And the machine @hetzner is almost in idle 23,5h/day.... IMHO it makes sense to move that bridge endpoint from the FB to OMV.

    I did:

    on my pfSense @hetzner I registerd a oVPN Server with certs and created a user for the OMV. (following the pfSense2android guide on,as i was doing it for my android in the first place) Android device works fine pings go through from @hetzner local lan to vpn device and I have my extension from my Freepbx working proberly on my android now.

    created an .ovpn file in pfSense

    safe it to /etc/openvpn (not in the tempting sub dir named "client"! it needs to be in /etc/openvpn)

    renamend it to: "OMV2host.conf"

    executed: "systemclt enable openvpn@OMV2host.service && systemcl start openvpn@OMV2host.service && systemctl status openvpn@OMV2host.service"

    got some minor red flags for not supported DNS settings.

    So now I have static routes on the OMV to my vpn site (pushed by the server)

    from the cli of OMV I sucessfully pinged the pfSense (vpn server) and also the machines in the lan the pfSens runs locally. (both ways back and forth between the @hetzner local lan and the OMV sucessfully)

    But I cant access the pfSense from a Virtualbox Machine on OMV...?
    I cant load the web page of the pfSense from anything attached to the OMV.

    Traceroute brings up asterisks (*) after the pfSense what ever I trace.

    I added routes in my local fritzbox for the vpn network pointing to the OMV

    I cant ping thos networks from any local client.

    Sitting in bed beiing sick and changing simple stuff is no good idea, help me please, what am I missing?


  • i found this guid…tworks-behind-vpn-client/

    this did the trick....

    sysctl -w net.ipv4.ip_forward=1
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


    just remember if you use eth0 or bond0, it stalled me, until i searched for tun2bond and rememberd i did copy paste eth instead of bond....

    so actually its this.

    sysctl -w net.ipv4.ip_forward=1
    iptables -t nat -A POSTROUTING -o bond0 -j MASQUERADE
    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

    Question is: how do i make it sticky.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!