Need help with VPN

  • Hi all , as per title I need help to choose and setup a VPN
    I am totally new to this and after 3 days of reading all my ideas I are mixed ....... if at the start looked easy now I am totally confused
    Most important thing is to be able to get a secure connection to my OMV from outside my network
    I've been trying to use one of the tutorial found on the forum and setup the openVPN on OMV like this


    GENERAL SETTINGS
    Port : 1194
    Protocol : UDP
    Use compresion : yes ( was active by default )
    PAM authentication : no
    Logging level : normal usage output


    VPN NETWORK
    Address : 10.8.0.0
    Mask : 255.255.255.0
    Gateway interface : enp4s
    Default Gateway : enabled
    Client to client : disabled


    DHCP options
    DNS server : 8.8.8.8,8.8.4.4,1.1.1.1
    DNS search domain : nothing
    WINS server : nothing


    PUBLIC
    Public address : name.asuscomm.com (name is my actual user)


    Saved , certificate created and downloaded



    I am using OpenVPN app on my android
    Imported and saved the certificate with no errors
    Stuck at <waiting for server>


    If I go on AiCloud ( default Asus app for network acces) I can see and all my network even using WOL and get files from folders but not sure how secure is this way
    Also I have an option to encrypt the connection with Let's encrypt..........


    My all network is behind an Asus RT AC88-U running Merlin software
    I am using DDNS on my router ( I guess everyone figure out from the public address)
    OMV has a static IP on my network but my ISP IP is dynamic even it didn't change for the last couple months


    For most of my browsing I am using Opera with VPN activated but on local network is deactivated and I can use this only for other things


    From what I understand about how the DDNS is working if I type < name.asuscomm.com> I should get on my network or at least on my router?
    If thats the case I get no result from this < that site can't be reached>


    Need help to figure out which is the best way to go and how to setup this.
    I am definetly doing something wrong but can't figure out where my mistakes are

    For now ( first setup)
    Gygabite G1 Sniper mobo
    Intel I7 960 quad core
    Asus AMD R5 230 video card
    10Gtek® Intel 82576 Chip Gigabit Ethernet Converged Network Adapter (NIC), Dual RJ45 Copper Ports, PCI Express 2.0 X 1
    12GB DDR3 @1600
    32GB SSD for OMV system
    2 x 3TB 3.5" HDD
    1 X 1TB 2.5" HDD
    Corsair case and Zetec 650W PSU


    Runing latest versio ( stable )

  • Not wrong the plugin has a bug, there are multiple topic opened on this, but if you follow this guide you should be able to have it working, but you need to ssh and change the server config



    http://forum.openmediavault.or…?postID=183452#post183452

  • Ok so after trying many other variants I ended up by setting my router like VPN Server and using openVPN on my mobile phone.
    Is this a good approach or should I setup VPN server on OMV?
    From what I understand on how VPN is working with the VPN server on router my entire home network is protected and I can acces any of the devices behind that router. For other internet related browsing I am using Opera with it's own VPN.
    I know with this settings I can't hide my location but for secure acces on my home network hope is enough. The only question and concern is that as soon as "data" is leaving my router( the end of the tunnel) is not encrypted and can be seen.
    Any thoughts on this approach or which will be the best approach without loosing internet speed?

    For now ( first setup)
    Gygabite G1 Sniper mobo
    Intel I7 960 quad core
    Asus AMD R5 230 video card
    10Gtek® Intel 82576 Chip Gigabit Ethernet Converged Network Adapter (NIC), Dual RJ45 Copper Ports, PCI Express 2.0 X 1
    12GB DDR3 @1600
    32GB SSD for OMV system
    2 x 3TB 3.5" HDD
    1 X 1TB 2.5" HDD
    Corsair case and Zetec 650W PSU


    Runing latest versio ( stable )

  • I will tell you my approach on this topic and a few ways to have you data secured over the internet.


    I had two approaches in mind for security reasons.


    1. Set up VPN and only expose VPN port to the internet
    2. Use letsencrypt to provide https for all my apps


    If you are really paranoic approach 1 is the safest as you are creating a tunnel between you and the server and you can access the server and apps you have on the server only if you are connected via the vpn, meaning you can access your server via the local network IP.


    If you are less afraid of the internet, you can expose domains with https encryption, everyone would be able to hit your domain so this is less secure against potential hackers.


    Now I chose option 2 because at work the network administrator does not allow VPN clients installed on my workstation so for me to access the server was best to just leave it as a normal website, but if you are totally into security I would go with the VPN approach.

  • For now ( first setup)
    Gygabite G1 Sniper mobo
    Intel I7 960 quad core
    Asus AMD R5 230 video card
    10Gtek® Intel 82576 Chip Gigabit Ethernet Converged Network Adapter (NIC), Dual RJ45 Copper Ports, PCI Express 2.0 X 1
    12GB DDR3 @1600
    32GB SSD for OMV system
    2 x 3TB 3.5" HDD
    1 X 1TB 2.5" HDD
    Corsair case and Zetec 650W PSU


    Runing latest versio ( stable )

  • Solved.....followed the guide provided in the link by @syrusstk and now everything is working.

    For now ( first setup)
    Gygabite G1 Sniper mobo
    Intel I7 960 quad core
    Asus AMD R5 230 video card
    10Gtek® Intel 82576 Chip Gigabit Ethernet Converged Network Adapter (NIC), Dual RJ45 Copper Ports, PCI Express 2.0 X 1
    12GB DDR3 @1600
    32GB SSD for OMV system
    2 x 3TB 3.5" HDD
    1 X 1TB 2.5" HDD
    Corsair case and Zetec 650W PSU


    Runing latest versio ( stable )

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!