zorruno wikki: history "openVPNSetup with Docker"

Revision history for OpenVPNDocker


Revision [5244]

Last edited on 2020-02-09 09:20:40 by ZorrUno

No Differences

Revision [5243]

Edited on 2020-02-09 09:20:40 by ZorrUno
Additions:
//Do this section before port forwarding, as there is a default web interface password. //
Deletions:
//Probably set up the security before port forwarding. //


Revision [5242]

Edited on 2020-02-09 09:19:45 by ZorrUno

No Differences

Revision [5241]

Edited on 2020-02-09 09:19:45 by ZorrUno
Additions:
//Probably set up the security before port forwarding. //
Go to https://ipaddressofserver:943/admin
Deletions:
Probably set up the security before port forwarding. Go to https://ipaddressofserver:943/admin


Revision [5240]

Edited on 2020-02-09 09:18:33 by ZorrUno

No Differences

Revision [5239]

Edited on 2020-02-09 09:18:33 by ZorrUno
Additions:
openVPN Access Server FAQ: https://openvpn.net/vpn-server-resources/frequently-asked-questions-licensing/
Deletions:
**openVPN Access Server FAQ:**
https://openvpn.net/vpn-server-resources/frequently-asked-questions-licensing/


Revision [5238]

Edited on 2020-02-09 09:18:05 by ZorrUno

No Differences

Revision [5237]

Edited on 2020-02-09 09:18:05 by ZorrUno
Additions:
//IF you are keen for a simple, free-as-in-beer, 2 connection openVPN setup, then proceed...//
Deletions:
//IF you are keen for a simple, free-as-in-beer, 2 connection OpenVPN setup, then proceed...//


Revision [5236]

Edited on 2020-02-09 09:17:50 by ZorrUno

No Differences

Revision [5235]

Edited on 2020-02-09 09:17:50 by ZorrUno
Additions:
NOTE: There is only x86-64 architecture build for this currently.
NOTE: this the web setup is non-free and allows two simultaneous vpn connections (unless paid).
Deletions:
Note this the web setup is non-free and allows two simultaneous vpn connections (unless paid).


Revision [5234]

Edited on 2020-02-09 09:15:24 by ZorrUno

No Differences

Revision [5233]

Edited on 2020-02-09 09:15:24 by ZorrUno

No Differences

Revision [5232]

Edited on 2020-02-09 09:14:03 by ZorrUno

No Differences

Revision [5231]

Edited on 2020-02-09 09:14:03 by ZorrUno
Additions:
There is an openVPN app for windows that I am successfully using, pretty sure you'd need admin rights, but not sure. https://openvpn.net/client-connect-vpn-for-windows/
Deletions:
There is an OpenVPN app for windows that I am successfully using, pretty sure you'd need admin rights, but not sure. https://openvpn.net/client-connect-vpn-for-windows/


Revision [5230]

Edited on 2020-02-09 09:13:36 by ZorrUno

No Differences

Revision [5229]

Edited on 2020-02-09 09:13:36 by ZorrUno
Additions:
======openVPNSetup with Docker======
Deletions:
======OpenVPNSetup with Docker======


Revision [5228]

Edited on 2020-02-09 09:13:07 by ZorrUno

No Differences

Revision [5227]

Edited on 2020-02-09 09:13:07 by ZorrUno
Additions:
https://gist.github.com/renatolfc/f6c9e2a5bd6503005676


Revision [5226]

Edited on 2020-02-09 09:12:41 by ZorrUno

No Differences

Revision [5225]

Edited on 2020-02-09 09:12:41 by ZorrUno
Additions:
You can also create your own open vpn client config file (.ovpn) with the certificates in it, here are samples:
https://github.com/OpenVPN/openvpn/blob/master/sample/sample-windows/sample.ovpn
Deletions:
You can also create your own open vpn client config file (.ovpn) with the certificates in it, here is a sample:


Revision [5224]

Edited on 2020-02-09 09:11:36 by ZorrUno

No Differences

Revision [5223]

Edited on 2020-02-09 09:11:36 by ZorrUno
Additions:
You can also create your own open vpn client config file (.ovpn) with the certificates in it, here is a sample:
https://gist.github.com/seuros/9671811


Revision [5222]

Edited on 2020-02-09 09:07:04 by ZorrUno

No Differences

Revision [5221]

Edited on 2020-02-09 09:07:04 by ZorrUno
Additions:
openVPN protocol itself is fully free however, so this web based setup doesn't need to be used.
**openVPN Access Server FAQ:**
Deletions:
OpenVPN protocol itself is fully free however, so this web based setup doesn't need to be used.
**OpenVPN Access Server FAQ:**


Revision [5220]

Edited on 2020-02-09 09:06:28 by ZorrUno

No Differences

Revision [5219]

Edited on 2020-02-09 09:06:28 by ZorrUno
Additions:
Note that licencing is US$15 per license per year... minimum 10 licenses!
https://openvpn.net/pricing/
//IF you are keen for a simple, free-as-in-beer, 2 connection OpenVPN setup, then proceed...//


Revision [5218]

Edited on 2020-02-09 09:03:29 by ZorrUno

No Differences

Revision [5217]

Edited on 2020-02-09 09:03:29 by ZorrUno
Additions:
Some Android Connect FAQs including errors https://openvpn.net/vpn-server-resources/connecting-to-access-server-with-android/
Deletions:
Some Android COnnect FAQs https://openvpn.net/vpn-server-resources/connecting-to-access-server-with-android/


Revision [5216]

Edited on 2020-02-09 09:02:53 by ZorrUno

No Differences

Revision [5215]

Edited on 2020-02-09 09:02:53 by ZorrUno
Additions:
Note this the web setup is non-free and allows two simultaneous vpn connections (unless paid).
OpenVPN protocol itself is fully free however, so this web based setup doesn't need to be used.
Deletions:
Note this the web setup is non-free and allows two clients only (unless paid).
OpenVPN itself is free however.


Revision [5214]

Edited on 2020-02-09 09:00:23 by ZorrUno

No Differences

Revision [5213]

Edited on 2020-02-09 09:00:23 by ZorrUno
Additions:
Note this the web setup is non-free and allows two clients only (unless paid).
OpenVPN itself is free however.
**OpenVPN Access Server FAQ:**
https://openvpn.net/vpn-server-resources/frequently-asked-questions-licensing/
Some Android COnnect FAQs https://openvpn.net/vpn-server-resources/connecting-to-access-server-with-android/
Deletions:
Note this the web setup is non-free and allows two clients only (unless paid). OpenVPN itself is free however.


Revision [5206]

Edited on 2020-02-09 08:56:31 by ZorrUno

No Differences

Revision [5205]

Edited on 2020-02-09 08:56:31 by ZorrUno
Additions:
CategoryDocker
Deletions:
CategoryMicrocontrol
CategoryRaspberryPi


Revision [5204]

Edited on 2020-02-09 08:55:22 by ZorrUno

No Differences

Revision [5203]

Edited on 2020-02-09 08:55:22 by ZorrUno
Additions:
Note this is the 'Official' one, but it is non-free(dom) from OpenVPN Inc.
======Alternatives======
This is another option for connecting on android is this one (and it is fully open source)
https://play.google.com/store/apps/details?id=de.blinkt.openvpn
Don't know much about this one sorry.


Revision [5202]

Edited on 2020-02-09 08:48:21 by ZorrUno

No Differences

Revision [5201]

Edited on 2020-02-09 08:48:21 by ZorrUno
Additions:
||https://122.50.5.11:943||
||
||
Deletions:
||https://122.50.5.11:943%%||


Revision [5200]

Edited on 2020-02-09 08:47:50 by ZorrUno

No Differences

Revision [5199]

Edited on 2020-02-09 08:47:50 by ZorrUno
Additions:
||https://122.50.5.11:943%%||
Deletions:
%%https://122.50.5.11:943%%


Revision [5198]

Edited on 2020-02-09 08:47:33 by ZorrUno

No Differences

Revision [5197]

Edited on 2020-02-09 08:47:33 by ZorrUno
Additions:
||**Forward**
943:TCP||
Deletions:
**Forward**
943:TCP


Revision [5196]

Edited on 2020-02-09 08:46:39 by ZorrUno

No Differences

Revision [5195]

Edited on 2020-02-09 08:46:39 by ZorrUno
Additions:
Unforward port 943 - you will need to allow access again if you set up other clients or another user.


Revision [5194]

Edited on 2020-02-09 08:44:57 by ZorrUno

No Differences

Revision [5193]

Edited on 2020-02-09 08:44:57 by ZorrUno
Additions:
**Setting Android VPN start/stop shortcuts in launcher**
Deletions:
======Setting Android VPN start/stop shortcuts in launcher======


Revision [5192]

Edited on 2020-02-09 08:44:21 by ZorrUno

No Differences

Revision [5191]

Edited on 2020-02-09 08:44:21 by ZorrUno
Additions:
**Access Server Hostname (locked): **
**Turn off port forwarding in your router for the web interface if you want to.**
======Setting Android VPN start/stop shortcuts in launcher======
You can also create a disconnect homescreen shortcut, it is in the app setting menu "Set Disconnect Shortcut" (Not in the profile settings). Note that clicking on these shortcuts in my android launcher sometimes looks like they haven't don't anything (especially if you same the VPN password), although it seems just to work nice and quickly. Check the top android notification bar to see if there is a VPN 'Key' icon when the VPN is operating. You can also check your IP address to see where you are connected obviously.
======Other Clients======
Deletions:
**Access Server Hostname (locked): **
======Other======
Turn off port forwarding for the web interface if you want to.
You can also create a disconnect homescreen shortcut,


Revision [5190]

Edited on 2020-02-09 08:38:13 by ZorrUno

No Differences

Revision [5189]

Edited on 2020-02-09 08:38:13 by ZorrUno
Additions:
You need to edit the profile details (pencil button) and the settings should be something like:
**Server Override (optional)**
https://122.50.5.11
Note: //I HAD to put the server override value in there, not sure why (it was initially blank). I couldn't connect without it.//
You can create a homescreen shortcut for android for your connection. Edit the Profile (Pencil Botton) and there is a buttom down the bottom with green writing "Set Connect Shortcut".
You can also create a disconnect homescreen shortcut,
Deletions:
You need to edit the profile details and the settings should be something like:


Revision [5188]

Edited on 2020-02-09 08:31:12 by ZorrUno

No Differences

Revision [5187]

Edited on 2020-02-09 08:31:12 by ZorrUno
Additions:
You can choose how DNS service is allocated in Configuration/VPN Settings menu. By default, people keep their own DNS settings, so if you want to route them though the VPN, change it here.
You can set default settings for routing, rather than per user settings in Configuration/VPN Settings menu
You will need the external address or domain name of your server (IP address via whatsmyip.com or dyndns etc). Remember to take your phone off your local wifi to connect/setup.
You should now be able to connect (are you off local wifi?) to the VPN.
======Other======
Turn off port forwarding for the web interface if you want to.
There is an OpenVPN app for windows that I am successfully using, pretty sure you'd need admin rights, but not sure. https://openvpn.net/client-connect-vpn-for-windows/
This is the iOS app, but I've never used it https://apps.apple.com/us/app/openvpn-connect/id590379981
Deletions:
You can choose how DNS service is allocated in Configuration/VPN Settings menu
You can set default routing, rather than user specific settings in Configuration/VPN Settings menu
You will need the external address or domain name of your server (IP address via whatsmyip.com or dyndns etc)


Revision [5186]

Edited on 2020-02-09 08:24:49 by ZorrUno

No Differences

Revision [5185]

Edited on 2020-02-09 08:24:49 by ZorrUno
Additions:
The app should pull in the certificates and you can save the profile.
You need to edit the profile details and the settings should be something like:
**Access Server Hostname (locked): **
122.50.5.11
**Profile Name**
newuser@122.50.5.11
**Port (locked)**
9443
**Username (locked)**
newuser


Revision [5184]

Edited on 2020-02-09 08:19:14 by ZorrUno

No Differences

Revision [5183]

Edited on 2020-02-09 08:19:14 by ZorrUno
Additions:
%%https://122.50.5.11:943%%
Deletions:
##https:// 122.50.5.11:943##


Revision [5182]

Edited on 2020-02-09 08:18:44 by ZorrUno

No Differences

Revision [5181]

Edited on 2020-02-09 08:18:44 by ZorrUno
Additions:
##https:// 122.50.5.11:943##
Deletions:
##https://122.50.5.11:943##


Revision [5180]

Edited on 2020-02-09 08:18:15 by ZorrUno

No Differences

Revision [5179]

Edited on 2020-02-09 08:18:15 by ZorrUno
Additions:
=====Set up the Android App=====
You will need the external address or domain name of your server (IP address via whatsmyip.com or dyndns etc)
Install the OpenVPN Connect app on your phone, it is this one
https://play.google.com/store/apps/details?id=net.openvpn.openvpn&hl=en
Run the app and add a profile with the + button
it will ask for the url. If your IP is 122.50.5.11, you'll use:
##https://122.50.5.11:943##


Revision [5178]

Edited on 2020-02-09 08:12:56 by ZorrUno

No Differences

Revision [5177]

Edited on 2020-02-09 08:12:56 by ZorrUno
Additions:
Log out of web interface and log in again as new user.
Go to user management and 'Deny Access' or delete the admin user.
Deletions:


Revision [5176]

Edited on 2020-02-09 08:10:48 by ZorrUno

No Differences

Revision [5175]

Edited on 2020-02-09 08:10:48 by ZorrUno
Additions:
=====Set up the web interface=====
Probably set up the security before port forwarding. Go to https://ipaddressofserver:943/admin
Default username/pass is admin/password
Go into the User Permissions menu on the left
Create a new user and give it Admin permissions. Save Settings.
Click 'More Settings' for the Admin user, and give it a password.
Go down to access control (Use NAT should be set) and give the networks you want to the user to be able to access when connected, eg 192.168.1.0/24 (add multiple subnets one below the other)
**Other (Optional)**
You can set network addressing in Configuration/VPN Settings menu.
You can choose how DNS service is allocated in Configuration/VPN Settings menu
You can set default routing, rather than user specific settings in Configuration/VPN Settings menu

Forward these ports in your router to your server running docker. Note that 943 is the web interface - you will need to forward this and expose the this to the outside world to get the clients up and running, but can then turn it off.
9443:TCP
=====Set up the web interface=====
Deletions:
Forward to your server running docker. Note that 943 is the web interface - you will need to forward this and expose the this to the outside world to get the clients up and running, but can then turn it off.
9443:UDP and TCP


Revision [5174]

Edited on 2020-02-09 07:58:51 by ZorrUno

No Differences

Revision [5173]

Edited on 2020-02-09 07:58:51 by ZorrUno
Additions:
=====Get the container up=====
run
%%docker-compose up -d%%
=====Do some port forwarding in your router=====
Forward to your server running docker. Note that 943 is the web interface - you will need to forward this and expose the this to the outside world to get the clients up and running, but can then turn it off.
**Forward**
1194:UDP
9443:UDP and TCP
943:TCP


Revision [5172]

Edited on 2020-02-09 07:54:10 by ZorrUno

No Differences

Revision [5171]

Edited on 2020-02-09 07:54:10 by ZorrUno
Additions:
Put the right details for your mapped docker storage in the volumes section
- /dockervolumes/openvpn-as:/config
Deletions:
- path to data:/config


Revision [5170]

Edited on 2020-02-09 07:53:05 by ZorrUno

No Differences

Revision [5169]

Edited on 2020-02-09 07:53:05 by ZorrUno
Additions:
- TZ=Pacific/Auckland
Deletions:
- PUID=1000
- PGID=1000
- TZ=Europe/London
- INTERFACE=eth0 #optional


Revision [5168]

Edited on 2020-02-09 07:51:35 by ZorrUno

No Differences


Full history for this page cannot be displayed within a single page, click here to view more.