Featured Post

HOW TO: Install VPN server on Ubuntu when server is behind firewall

The whole point in this post is to run your own VPN service, and allow you to connect remote devices to your home network. To start off yo...

Dec 4, 2015

HOWTO: OpenVPN installation guide for NAS4Free 10.2.x

So as you may have read in earlier posts - I did a complete reinstall of my NAS4Free server and setup all services running on it. Here in this post I will describe the steps required to install OpenVPN on your NAS4Free server, and configure it to start automatically on bootup.

First let's determine an appropriate location to install the temporary files for installation:

setenv PKG_TMPDIR /mnt/Data/tmp/

Next let's install all the required components: curl, expect:

pkg install openvpn
pkg install curl
pkg install expect

Typing the following command will update yourr shell session with the new commands available based on the installed packages:

rehash

Move openvpn file so it does not get executed every time thesystem is started, otherwise your boot process will stop and you will be prompted for a username/password.  NAS4Free executes all the files inside "rc.d" folder on startup.

mkdir /usr/local/etc/openvpn
mv /usr/local/etc/rc.d/openvpn /usr/local/etc/openvpn/

Edit startup settings and add OpenVPN support:

nano /etc/rc.conf

Add the following:

openvpn_enable=YES"

And ONE of the following, this is based on your VPN provider (check the opvn file contents to determine which to use):

openvpn_if="tun"
openvpn_if="dev"

Now retrieve the relevant information from your VPN provider: certificates, location, configuration files etc. Rename the certificate (*.crt) and chosen location (*ovpn) to openvpn.crt and openvpn.conf, and copy *.pem file.

Install certificates (.crt) and location (.ovpn) files:

mkdir /usr/local/etc/openvpn
mv openvpn* /usr/local/etc/openvpn/
mv *.pem /usr/local/etc/openvpn/

Make sure the certificate authority configuration line (ca) is set to openvpn.crt by editing the following file:

nano /usr/local/etc/openvpn/openvpn.conf

Now it's time to test OpenVPN and make sure you have an appropriate IP.

/usr/local/etc/openvpn/openvpn start /usr/local/etc/openvpn/
curl icanhazip.com

The curl command should return your NAS' new WAN IP, and this should be different to your regular WAN IP - as it should be now based on the location file you provided.

Now we need to configure OpenVP to start and connect on startup, so let's create an auto-sign-on script, and make it executable:

nano /usr/local/etc/openvpn/autosignon
chmod +x autosignon

Paste the following, and edit username and password to match your details, for your VPN provider:

#!/usr/local/bin/expect -f
set force_conservative 0
spawn /usr/local/etc/openvpn/openvpn start /usr/local/etc/openvpn/openvpn.conf
match_max 100000
expect -exact "Enter Auth Username:"
send "YOUR USERNAME"
send "\r"
expect -exact "Enter Auth Password:"
send "YOUR PASSWORD"
send "\r"
expect eof

Add the following command script PreInit (System|Advanced|Command Scripts) via your NAS4Free web interface:

/usr/local/etc/openvpn/autosignon

Reboot your machine and you should be automatically connected to your VPN service.

No comments: