OpenVPN Server & Client for unRAID 6.2+ (6.1 are still supported)


peter_sm


I believe I have found the issue with Ashe's Help.

 

I'm assuming this is created by the plugin? For some reason, on all 4 servers I manage, the plugin generates this using eth0.

 

petersm, is there any way to change this:

16       0     0 MASQUERADE  all  --  *      eth0    10.8.0.0/24          0.0.0.0/0  

to this:

16       0     0 MASQUERADE  all  --  *      br0    10.8.0.0/24          0.0.0.0/0  

I can add a new route to the iptable, but once I do, I can no longer access the OpenVPN configuration pages, and I end up with 2:

 

16       0     0 MASQUERADE  all  --  *      eth0    10.8.0.0/24          0.0.0.0/0           
17    1686 90332 MASQUERADE  all  --  *      br0     10.8.0.0/24          0.0.0.0/0  

 

Link to comment

Below:

# Generated settings:
IFNAME[0]="br0"
BRNAME[0]="br0"
BRSTP[0]="no"
BRFD[0]="0"
BRNICS[0]="eth0"
DESCRIPTION[0]=""
PROTOCOL[0]="ipv4"
USE_DHCP[0]="no"
IPADDR[0]="192.168.1.198"
NETMASK[0]="255.255.255.0"
GATEWAY[0]="192.168.1.254"
METRIC[0]=""
DHCP_KEEPRESOLV="yes"
DNS_SERVER1="192.168.1.254"
DNS_SERVER2="8.8.8.8"
DNS_SERVER3=""
MTU[0]="1500"
IFNAME[1]="eth1"
DESCRIPTION[1]=""
PROTOCOL[1]=""
USE_DHCP[1]="no"
IPADDR[1]="10.1.1.11"
NETMASK[1]="255.255.255.0"
GATEWAY[1]=""
METRIC[1]=""
IPADDR6[1]=""
NETMASK6[1]=""
GATEWAY6[1]=""
PRIVACY6[1]=""
MTU[1]="1500"
IFNAME[2]="eth2"
DESCRIPTION[2]=""
PROTOCOL[2]=""
USE_DHCP[2]=""
IPADDR[2]=""
NETMASK[2]=""
GATEWAY[2]=""
METRIC[2]=""
IPADDR6[2]=""
NETMASK6[2]=""
GATEWAY6[2]=""
PRIVACY6[2]=""
MTU[2]=""
IFNAME[3]="eth3"
DESCRIPTION[3]=""
PROTOCOL[3]=""
USE_DHCP[3]=""
IPADDR[3]=""
NETMASK[3]=""
GATEWAY[3]=""
METRIC[3]=""
IPADDR6[3]=""
NETMASK6[3]=""
GATEWAY6[3]=""
PRIVACY6[3]=""
MTU[3]=""
SYSNICS="4"

 

Link to comment

What unraid version are you on?

 

Below data is from 6.3.5

default via 192.168.0.1 dev br0 
10.10.0.0/24 dev br0.10  proto kernel  scope link  src 10.10.0.1 
10.28.0.0/24 via 10.28.0.2 dev tun0 
10.28.0.2 dev tun0  proto kernel  scope link  src 10.28.0.1 
20.20.0.0/24 dev br0.20  proto kernel  scope link  src 20.20.0.1 
127.0.0.0/8 dev lo  scope link 
172.17.0.0/16 dev docker0  proto kernel  scope link  src 172.17.0.1 
192.168.0.0/24 dev br0  proto kernel  scope link  src 192.168.0.190 
192.168.122.0/24 dev virbr0  proto kernel  scope link  src 192.168.122.1 linkdown 

 

11       0     0 MASQUERADE  all  --  *      br0     10.28.0.0/24         0.0.0.0/0       

my network.cfg


# Generated settings:
IFNAME[0]="br0"
BRNAME[0]="br0"
BRSTP[0]="no"
BRFD[0]="0"
BRNICS[0]="eth0"
DESCRIPTION[0]=""
USE_DHCP[0]="no"
IPADDR[0]="192.168.0.190"
NETMASK[0]="255.255.255.0"
GATEWAY="192.168.0.1"
DHCP_KEEPRESOLV="yes"
DNS_SERVER1="192.168.0.1"
DNS_SERVER2=""
DNS_SERVER3=""
MTU[0]=""
VLANS[0]="1"
SYSNICS="1"

 

Link to comment

I'm on 6.4 right now, but the problem was there prior to upgrading.

 

default via 192.168.1.254 dev br0 metric 100 
10.8.0.0/24 via 10.8.0.2 dev tun0 
10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.198 
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown 

 

Link to comment

Hi!

 

I forgot that I'm also using /var/local/emhttp/network.ini to get the right interface. Can you post yours?

 

Mine looks like this

 

[eth0]
BONDNAME="bond0"
BONDING_MIIMON="100"
BRNAME="br0"
BRSTP="no"
BRFD="0"
BONDING="no"
BONDING_MODE="1"
BONDNICS="eth0,eth1"
BRIDGING="yes"
BRNICS="eth0"
DESCRIPTION:0=""
USE_DHCP:0="no"
IPADDR:0="192.168.0.190"
NETMASK:0="255.255.255.0"
GATEWAY="192.168.0.1"
DHCP_KEEPRESOLV="yes"
DNS_SERVER1="192.168.0.1"
DNS_SERVER2=""
DNS_SERVER3=""
MTU=""
TYPE="trunk"

 

Link to comment
[eth0]
DHCP_KEEPRESOLV="yes"
DNS_SERVER1="192.168.1.254"
DNS_SERVER2="8.8.8.8"
DNS_SERVER3=""
DNS6_SERVER1=""
DNS6_SERVER2=""
DNS6_SERVER3=""
BONDING="no"
BONDNAME=""
BONDNICS=""
BONDING_MODE="1"
BRIDGING="yes"
BRNAME="br0"
BRNICS="eth0"
BRSTP="no"
BRFD="0"
DESCRIPTION:0=""
PROTOCOL:0="ipv4"
USE_DHCP:0="no"
IPADDR:0="192.168.1.198"
NETMASK:0="255.255.255.0"
GATEWAY:0="192.168.1.254"
METRIC:0=""
IPADDR6:0=""
NETMASK6:0=""
GATEWAY6:0=""
PRIVACY6:0=""
MTU="1500"
TYPE="access"
[eth1]
BONDING="no"
BONDNAME=""
BONDNICS=""
BONDING_MODE="1"
BRIDGING="no"
BRNAME=""
BRNICS=""
BRSTP="0"
BRFD="0"
DESCRIPTION:0=""
PROTOCOL:0=""
USE_DHCP:0="no"
IPADDR:0="10.1.1.11"
NETMASK:0="255.255.255.0"
GATEWAY:0=""
METRIC:0=""
IPADDR6:0=""
NETMASK6:0=""
GATEWAY6:0=""
PRIVACY6:0=""
MTU="1500"
TYPE="access"
[eth2]
BONDING="no"
BONDNAME=""
BONDNICS=""
BONDING_MODE="1"
BRIDGING="no"
BRNAME=""
BRNICS=""
BRSTP="0"
BRFD="0"
DESCRIPTION:0=""
PROTOCOL:0=""
USE_DHCP:0=""
IPADDR:0=""
NETMASK:0=""
GATEWAY:0=""
METRIC:0=""
IPADDR6:0=""
NETMASK6:0=""
GATEWAY6:0=""
PRIVACY6:0=""
MTU=""
TYPE="access"
[eth3]
BONDING="no"
BONDNAME=""
BONDNICS=""
BONDING_MODE="1"
BRIDGING="no"
BRNAME=""
BRNICS=""
BRSTP="0"
BRFD="0"
DESCRIPTION:0=""
PROTOCOL:0=""
USE_DHCP:0=""
IPADDR:0=""
NETMASK:0=""
GATEWAY:0=""
METRIC:0=""
IPADDR6:0=""
NETMASK6:0=""
GATEWAY6:0=""
PRIVACY6:0=""
MTU=""
TYPE="access"

 

Edited by clowrym
Link to comment

On my VM Unraid 6.4, OpenVPN gets the right interface when using a bridge.

 

192.168.0.0/16 dev br0 proto kernel scope link src 192.168.0.198 

 

And you have a bridge but get the eth0 interface anyway?

Are you using bonding?

 

I have limited time today, but you might figure out what differs between your settings and mine. For me it's OK on both 6.3 and 6.4.

 

Link to comment
Just now, peter_sm said:

On my VM Unraid 6.4, OpenVPN gets the right interface when using a bridge.

 

192.168.0.0/16 dev br0 proto kernel scope link src 192.168.0.198 

 

And you have a bridge but get the eth0 interface anyway?

Are you using bonding?

 

I have limited time today, but you might figure out what differs between your settings and mine. For me it's OK on both 6.3 and 6.4.

 

 

I'm not using bonding on this machine, although I do have another file server mounted via eth1 with bridging set to no.

Link to comment

Can you post the result of the command ifconfig?

 

And the result of

 /etc/rc.d/rc.openvpnserver restart

 

This is part of the code to select the right interface

if [ "$BONDING" == "no" ] ; then
    if [ "$BRIDGING" == "no" ] ; then
        # No bonding and no bridge -> using eth0
        #echo "No Bonding and No Bridge using eth0 interface"
        IPRULES1="iptables -t nat -A POSTROUTING -s $NETWORK/24 -o eth0 -j MASQUERADE"
        eval "$IPRULES1"
    else
        # No bonding and bridge -> using br0
        #echo "No bonding  and Bridge -> using bridge interface"
        IPRULES1="iptables -t nat -A POSTROUTING -s $NETWORK/24 -o $BRNAME -j MASQUERADE"
        eval "$IPRULES1"
    fi
else
    : # bonding branch is not shown in the post
fi


 

Link to comment

my ifconfig


root@Tower:~# ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.190  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 0c:c4:7a:07:a8:c8  txqueuelen 1000  (Ethernet)
        RX packets 2926  bytes 2098109 (2.0 MiB)
        RX errors 0  dropped 125  overruns 0  frame 0
        TX packets 2435  bytes 600937 (586.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
        ether 02:42:c4:9b:71:d6  txqueuelen 0  (Ethernet)
        RX packets 631  bytes 279908 (273.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 734  bytes 270606 (264.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
        ether 0c:c4:7a:07:a8:c8  txqueuelen 1000  (Ethernet)
        RX packets 4173  bytes 3599813 (3.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3826  bytes 668558 (652.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 18  memory 0xfb500000-fb520000

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.255.255.255
        loop  txqueuelen 1  (Local Loopback)
        RX packets 886  bytes 611925 (597.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 886  bytes 611925 (597.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.28.0.1  netmask 255.255.255.255  destination 10.28.0.2
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 14  bytes 883 (883.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 19  bytes 2510 (2.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth4fbc7cd: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether fe:50:42:ed:d0:e8  txqueuelen 0  (Ethernet)
        RX packets 203  bytes 142817 (139.4 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 376  bytes 64598 (63.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth81d5e2a: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 16:00:f3:35:93:8e  txqueuelen 0  (Ethernet)
        RX packets 313  bytes 87321 (85.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 400  bytes 174946 (170.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth9104e70: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 16:44:d6:66:cb:9b  txqueuelen 0  (Ethernet)
        RX packets 115  bytes 58604 (57.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 225  bytes 66302 (64.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:0e:5c:57  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether fe:54:00:07:90:63  txqueuelen 1000  (Ethernet)
        RX packets 1694  bytes 340928 (332.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2073  bytes 1839765 (1.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 

Link to comment
root@HighPlex:/var/local/emhttp# ifconfig
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.198  netmask 255.255.255.0  broadcast 0.0.0.0
        inet6 fe80::f882:4bff:fe82:ba6d  prefixlen 64  scopeid 0x20<link>
        ether 98:4b:e1:7e:5f:57  txqueuelen 1000  (Ethernet)
        RX packets 62115799  bytes 115966286795 (108.0 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 52060802  bytes 81818511672 (76.1 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
        inet6 fe80::42:51ff:fe77:9454  prefixlen 64  scopeid 0x20<link>
        ether 02:42:51:77:94:54  txqueuelen 0  (Ethernet)
        RX packets 2097  bytes 1692194 (1.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6313  bytes 787101 (768.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=4419<UP,BROADCAST,RUNNING,PROMISC,MULTICAST>  mtu 1500
        inet6 fe80::9a4b:e1ff:fe7e:5f57  prefixlen 64  scopeid 0x20<link>
        ether 98:4b:e1:7e:5f:57  txqueuelen 1000  (Ethernet)
        RX packets 294288425  bytes 266144078590 (247.8 GiB)
        RX errors 0  dropped 482  overruns 0  frame 0
        TX packets 280621843  bytes 214384755920 (199.6 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 16

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 8439308  bytes 5360719515 (4.9 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 8439308  bytes 5360719515 (4.9 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.8.0.1  netmask 255.255.255.255  destination 10.8.0.2
        inet6 fe80::a75a:254f:9387:2182  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 100  (UNSPEC)
        RX packets 22537  bytes 2111895 (2.0 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 22135  bytes 5979637 (5.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vethdc29ac8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::78f2:cbff:fe08:c470  prefixlen 64  scopeid 0x20<link>
        ether 7a:f2:cb:08:c4:70  txqueuelen 0  (Ethernet)
        RX packets 2097  bytes 1721552 (1.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6355  bytes 794254 (775.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:63:64:a0  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 fe80::fc54:ff:fe42:8fcc  prefixlen 64  scopeid 0x20<link>
        ether fe:54:00:42:8f:cc  txqueuelen 1000  (Ethernet)
        RX packets 10041  bytes 1221767 (1.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 68447  bytes 24624863 (23.4 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

 

 

Link to comment
root@HighPlex:/var/local/emhttp# /etc/rc.d/rc.openvpnserver restart
Stoping Openvpnserver.....
... Stopped
Deleting iptables rule ....
Starting Openvpn server.....
nohup: redirecting stderr to stdout
OK... Started
Adding iptables rule .....
unRAID version =  6.4
16       0     0 MASQUERADE  all  --  *      eth0    10.8.0.0/24          0.0.0.0/0

 

Link to comment

I see the issue!

 

You have eth0 with BRIDGING="yes"

but eth1, 2 and 3 with BRIDGING="no"

 

I do in my plugin

source /var/local/emhttp/network.ini
 

Do that and then type in

echo $BRIDGING

 

It will take the last BRIDGING and save it to $BRIDGING

If $BRIDGING = no it will take eth0 as interface :-(

 

Need to find a solution on this .....

Link to comment
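The overwrite described in the post above, reproduced on a constructed, trimmed network.ini, with a per-section lookup that picks the MASQUERADE interface from [eth0] only. This is an added example, not the plugin's code; SAMPLE_INI and the functions last_value_wins, ini_get and nat_iface are hypothetical names.

```shell
#!/bin/sh
# Constructed sample: eth0 is bridged, a later NIC section is not.
SAMPLE_INI='[eth0]
BONDING="no"
BRIDGING="yes"
BRNAME="br0"
[eth1]
BONDING="no"
BRIDGING="no"
BRNAME=""'

# Mimics sourcing the whole file: every section assigns the same
# variable name, so the value from the last section is what remains.
last_value_wins() {   # $1 = key, stdin = ini text
  awk -F= -v k="$1" '$1 == k { gsub(/"/, "", $2); v = $2 } END { print v }'
}

# Reads a key from one named section and ignores all other sections.
ini_get() {           # $1 = section, $2 = key, stdin = ini text
  awk -F= -v s="[$1]" -v k="$2" '
    /^\[/ { in_s = ($0 == s); next }
    in_s && $1 == k { gsub(/"/, "", $2); print $2; exit }'
}

# Chooses the NAT output interface from the [eth0] section alone,
# so unbridged secondary NICs cannot change the result.
nat_iface() {         # stdin = ini text
  ini_text=$(cat)
  if [ "$(printf '%s\n' "$ini_text" | ini_get eth0 BRIDGING)" = "yes" ]; then
    printf '%s\n' "$ini_text" | ini_get eth0 BRNAME
  else
    echo eth0
  fi
}

printf 'sourced BRIDGING: %s\n' "$(printf '%s\n' "$SAMPLE_INI" | last_value_wins BRIDGING)"
printf 'NAT interface:    %s\n' "$(printf '%s\n' "$SAMPLE_INI" | nat_iface)"
```

A rule bound to the wrong output interface never matches traffic leaving through br0, which fits the zero packet counters on the eth0 rule shown earlier in the thread.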

Hi, I hope someone can help me. I just installed this plugin, but for some reason I cannot connect my VPN clients from my phone or iPad; all I get is this message: " Opnenvpn: Waiting for server". I have opened UDP port 1194 to my unRAID machine's IP. Before I installed this plugin I had the OpenVPN server docker running without problems; I only removed it because of the license limit of 2 users, but it was working fine. I followed the install guide in the first post. If anyone can help me I would really appreciate it.

Link to comment

Thanks for your help. Actually, just out of curiosity, I installed OpenVPN on my Win 10 PC and I can connect fine, and I also installed a different VPN client app on Android, "Openvpn for android", and it connects fine too, so the problem is the default Android "Openvpn Connect" client.

 

Sorry, where can I get the server config file? And the user file, do you mean the clients that I create?

 

Thanks for your help.

Link to comment

You have the OpenVPN plugin installed, have followed the instructions, and have the OpenVPN server running?

 

You have created a user?

And sent the user file to the client to import into the client app?

The server config file is displayed on the main page if it is stopped.

 

//Peter

 

Edited by peter_sm
Link to comment

Ok, getting slightly frustrated here with the client plugin.

I'm running Unraid 6.3.5 and happily running OpenVPN server which all works fine and dandy from every client I want. Which is great for connecting to my server from a client.

But I want to connect my server to our company VPN server in the datacenter. I have followed the instructions, installed the client plugin, created the /boot/openvpn directory and placed the .conf file and all the certificate files in there. But in the client settings drop-down menu the "Chose a file" remains empty and there is no obvious way to add them in?

I've tried Firefox and Chrome in case it was a browser bug but to no avail.

Can anyone help?

 

Thanks in advance.

Link to comment
