Setting up Home Network with multiple routers and OMV NAS with automation and remote access planned

  • Hello,

    I am transitioning from using a cloud seedbox to setting up my own OMV media server at home. I've outlined my current system configuration and objectives below. Any guidance on the questions I've raised would be greatly appreciated.

    System Configuration:

    • OMV Server Specs:
      • CPU: i7 7700k
      • RAM: 32G DDR4
      • Storage: 1TB NVME m.2 (OS drive) and 6x8tb SATA drives on XFS. These are combined using LVM into a single 48 TB drive.
    • Network Setup:
      • I have four routers in total. Among them, the Huawei router functions as the primary modem for the entire house and obtains a dynamic IP from my ISP upon each restart.
      • I've attached a visual representation of my home network topology, as well as a photograph of my OMV server setup.



    Objectives:

    1. Local Access: I want devices connected to my local network to directly access the OMV server without going through the internet. The primary interaction would be through PLEX/Jellyfin. Ideally, I'd also want an accessible WEBUI for management. What's the best approach for this, especially for non-tech-savvy users like my wife who uses an iPad? Would WireGuard VPN be suitable, or is there a more direct solution?
    2. Seedbox/Usenet Client Configuration: I aim to use the OMV as a seedbox/usenet client utilizing tools like qbittorrent, rutorrent, and nzbget. Additionally, I want automation capabilities with sonarr/radarr/bazarr. I believe I'll need port forwarding or potentially a reverse proxy setup (like NPM/SWAG). Could someone guide me on docker configurations for these tools and the sequence to set them up?
    3. Remote Access: For remote access, I'm considering using an available domain. I've come across suggestions about integrating Cloudflare with the domain. Is this the recommended approach?
    4. Media Drive Management: I've mounted the media drive as an SMB share on my Windows 11 PC for manual media file management. Is this method effective, or is there a more efficient alternative?

    I realize this is a lot, and I sincerely appreciate your patience. Apologies for any confusion earlier, and I'm eager to get your insights.

    Thanks in advance!

  • veekar

    Added the Label OMV 6.x
  • chente

    Approved the thread.
    • Official Post

    Local Access: I want devices connected to my local network to directly access the OMV server without going through the internet. The primary interaction would be through PLEX/Jellyfin. Ideally, I'd also want an accessible WEBUI for management. What's the best approach for this, especially for non-tech-savvy users like my wife who uses an iPad? Would WireGuard VPN be suitable, or is there a more direct solution?

    Access through a web browser to those services. No need for Wireguard if everything is on the same local network.

    Seedbox/Usenet Client Configuration: I aim to use the OMV as a seedbox/usenet client utilizing tools like qbittorrent, rutorrent, and nzbget. Additionally, I want automation capabilities with sonarr/radarr/bazarr. I believe I'll need port forwarding or potentially a reverse proxy setup (like NPM/SWAG). Could someone guide me on docker configurations for these tools and the sequence to set them up?

    About this I have the feeling that I already answered you in another thread, but... here you have how to do it. https://wiki.omv-extras.org/doku.php?id=omv6:docker_in_omv

    Remote Access: For remote access, I'm considering using an available domain. I've come across suggestions about integrating Cloudflare with the domain. Is this the recommended approach?

    For this you can use Wireguard. https://wiki.omv-extras.org/do…v6:omv6_plugins:wireguard

    Media Drive Management: I've mounted the media drive as an SMB share on my Windows 11 PC for manual media file management. Is this method effective, or is there a more efficient alternative?

    Samba is effective.

  • Access through a web browser to those services. No need for Wireguard if everything is on the same local network.

    Thank you for your reply. I understand the suggestion to access services through a web browser, but I need to clarify the structure of my network setup further.


    In my home, I have four distinct wireless networks, each originating from a different router. While all these routers are connected via LAN cables, they all have unique local IP addresses:

    1. Huawei (ISP Router): 10.233.10.1
    2. Xiaomi AX1800: 192.168.31.1
    3. Asus RT68ac: 192.168.1.1
    4. Xiaomi 4C: 192.168.32.1

    These routers distribute different DHCP IP addresses to devices connected to them.


    My OMV media server is connected to the Xiaomi AX1800 router and has the IP address 192.168.31.75. Because of this setup, if a device is connected to, let's say, the Huawei network, it won't be able to directly access the OMV media server. The device would need to be connected to the Xiaomi AX1800 network to gain direct access.


    This presents a challenge, especially for my wife. She primarily uses her iPad to stream content via Plex/Jellyfin. I'd like to ensure she can do this seamlessly, regardless of which wireless network she's connected to within our home. It's not ideal for her to switch to the Xiaomi AX1800 network every time she wants to use Plex or Jellyfin.


    Now that I am reading my problem, I guess I'm better off handling my home networking first and setting up the Asus as the main router while keeping everything else as access point, getting IP from the Asus DHCP, so then the OMV will be under the same subnet as everything on the local network, my bad, ok this one is solved.


    About this I have the feeling that I already answered you in another thread, but... here you have how to do it. https://wiki.omv-extras.org/doku.php?id=omv6:docker_in_omv

    Yes you did, I was assuming that I needed some kind of port forwarding with the docker compose settings but can't find it there, or if I install a wireguard container, then all docker containers connection will and should use the wireguard VPN tunnel instead?


    Installed the wireguard container and reading documentation now, thanks a lot!

    • Official Post

    These routers distribute different DHCP IP addresses to devices connected to them.


    My OMV media server is connected to the Xiaomi AX1800 router and has the IP address 192.168.31.75. Because of this setup, if a device is connected to, let's say, the Huawei network, it won't be able to directly access the OMV media server. The device would need to be connected to the Xiaomi AX1800 network to gain direct access.


    This presents a challenge, especially for my wife. She primarily uses her iPad to stream content via Plex/Jellyfin. I'd like to ensure she can do this seamlessly, regardless of which wireless network she's connected to within our home. It's not ideal for her to switch to the Xiaomi AX1800 network every time she wants to use Plex or Jellyfin.

    You can configure a DNS server on your network that resolves the IPs of the services. If none of your routers allow you to configure a DNS server (ideal solution) you can install a pi-hole container in OMV.

    Then your wife will just have to type into her browser something like jellyfin.home or whatever you want to set.

    Now that I am reading my problem, I guess I'm better off handling my home networking first and setting up the Asus as the main router while keeping everything else as access point, getting IP from the Asus DHCP, so then the OMV will be under the same subnet as everything on the local network, my bad, ok this one is solved.

    That solution is the best, of course.

    Yes you did, I was assuming that I needed some kind of port forwarding with the docker compose settings but can't find it there, or if I install a wireguard container, then all docker containers connection will and should use the wireguard VPN tunnel instead?

    Wireguard does not affect containers. It only establishes a connection from the outside with the local network.

  • Looks like "Rube Goldberg" approach.

    Linux Mint (Edge) EndeavourOS Arch Linux

    OMV6 NAS, bond0 LACP, Fractal Design Define R5 Case, Kodi "Omega", FreeBSD pfSense Plus firewall/router

  • I've never seen such a (needlessly) complicated network setup.

    You could do all of this with an OpenWRT based router and another one being used as "dumb" access point.

    Management would be easier and centralized, apart from fine(r) grained security settings.

  • I've never seen such a (needlessly) complicated network setup.

    You could do all of this with an OpenWRT based router and another one being used as "dumb" access point.

    Management would be easier and centralized, apart from fine(r) grained security settings.


    I remember having 2 routers, 2 switches, 2 WPA’s etc all for my “home network”. Now I have Opnsense VM, 1 L3 Switch and ‘a’ WPA. All sitting on the 192.168.5.0 Network, and having 5 static IP’s and 6 machines.

    Everything LAN good, everything WAN access via NPM.

    Badda Bing, Badda Boom.

    Then I run WG and 2 separate VPN’s for my “seeding”.

  • the subnets after


    [Image: FiGXuse.png]


    Huawei connects to the internet via PPPoE and gets dynamic IP from my ISP, wireless disabled.

    Asus with the asuswrt-merlin acts as the DHCP router and does the "heavy lifting" for the rest of the local network; both Xiaomi routers act as dumb access points, getting manual IPs assigned by MAC address from the Asus router.


    all within the subnet of 192.168.1.1 by the Asus router.


    To think I've been using this configuration for more than 3 years lol. :D

    • Official Post

    To think I've been using this configuration for more than 3 years lol.

    Yeah. The KISS method seems more appropriate. :)

  • Yeah. The KISS method seems more appropriate. :)

    I switched from double NAT to single NAT and now letting the Huawei router handle all the DHCP and still somehow can't port forward for wireguard's 51820


    Asking my ISP to see if they're blocking it, if they are, I might try NPM next on 80 or 443

    • Official Post

    I switched from double NAT to single NAT and now letting the Huawei router handle all the DHCP and still somehow can't port forward for wireguard's 51820


    Asking my ISP to see if they're blocking it, if they are, I might try NPM next on 80 or 443

    You can follow these steps to do that check. https://wiki.omv-extras.org/do…_the_network_from_outside

  • There's "How-To's", but there should also be "Why-To's". Why do you want to do this? The answer usually determines the method.

    basically so I can stream videos and manage my omv server from outside of my local network, it's more of a wanted feature rather than an absolute need :D

    • Official Post

    Yes, I've confirmed with my ISP that I'm behind a CGNAT, no port forwarding should be applicable, can you please advise what are my options to access my server remotely at this point?

    Depending on the ISP you can request to be removed from CGNAT. In my country all ISPs accept this request and proceed accordingly. Although I know that there are countries where it is more difficult.

    If you can't get out of CGNAT there is an alternative, not very attractive, like Tailscale.

    If you can get yourself off CGNAT, even changing ISP if necessary, it is the best solution.
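
The port-forwarding dead end in this thread (double NAT first, then CGNAT) can be diagnosed before calling the ISP by comparing the WAN address the router reports with the address the internet sees. The following is an added example, not part of any post in the thread; the function names and all sample addresses are constructed, and it covers IPv4 only.

```python
import ipaddress

# RFC 6598 shared address space, reserved for carrier-grade NAT.
CGNAT_SHARED = ipaddress.ip_network("100.64.0.0/10")
# RFC 1918 private ranges: a WAN address here means another NAT sits upstream.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify_wan(router_wan_ip, observed_public_ip):
    """Classify the WAN address shown on the router's status page.

    router_wan_ip      -- address the router reports on its WAN/PPPoE interface
    observed_public_ip -- address an external "what is my IP" service reports
    """
    wan = ipaddress.ip_address(router_wan_ip)
    seen = ipaddress.ip_address(observed_public_ip)
    if wan in CGNAT_SHARED:
        return "cgnat"                 # ISP NAT: inbound forwards never arrive
    if any(wan in net for net in RFC1918):
        return "private-upstream-nat"  # double NAT, or an ISP using RFC 1918 for CGNAT
    if wan != seen:
        return "address-mismatch"      # public-looking WAN, but still translated upstream
    return "forwardable"               # router holds the public address itself

def port_forward_possible(verdict):
    """Only a router that owns the public address can forward e.g. UDP 51820."""
    return verdict == "forwardable"

if __name__ == "__main__":
    # Constructed samples; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
    samples = [
        ("100.72.14.9", "203.0.113.40"),   # ISP hands out shared address space
        ("10.233.10.2", "203.0.113.40"),   # inner router behind a 10.233.10.1 gateway
        ("198.51.100.7", "203.0.113.40"),  # WAN and observed address disagree
        ("203.0.113.40", "203.0.113.40"),  # true public address on the router
    ]
    for wan, seen in samples:
        verdict = classify_wan(wan, seen)
        print(f"{wan:>14} seen as {seen}: {verdict}, "
              f"forward possible: {port_forward_possible(verdict)}")
```

A "forwardable" verdict only rules out NAT as the cause; an ISP or router firewall can still drop the forwarded port.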
