• 0

Access NAS content thru OpenVPN server running on the NAS


Go to solution Solved by BudMan,

Question

nasvpn

I just made a OpenVPN server running on a NAS which has this feature. I have been able to connect a client to it (locally, giving me 10.11.11.6) but I have no idea the IP i should access to view the content (files). The range is 10.11.11.2 - 10.11.11.254 so I tried 10.11.11.1 but nothing.

 

What should I do? Ask things that you might need for more information which I might not have thought on giving.

 

Thank you.

Link to post
Share on other sites

2 answers to this question

Recommended Posts

  • 0
+BudMan

" but I have no idea the IP i should access to view the content"

You would connect to the IP of the nas 192.168.100.87 clearly right there in the config you posted, with whatever protocol it uses to serve up the files. Be it http, ftp, webdav, cifs/smb, etc.

The IP address it is given you is just a network connection that is to be used as a tunnel to access the nas.. So for example your out on the internet with an IP 192.168.1.100 behind your nat router.. And you want to access your NAS that is also behind a nat router on say 192.168.100.87 (which is in your config you posted).. So you have this

post-14624-0-61256100-1383742391.png

Now you could port forward say http to your nat router to your nas and access it that way via http to your publicIP-B.. Or you could connect via vpn.. Your config there is for OpenVPN, So it is listening on port 9411 per your config. So you would forward udp 9411 to your NAS which again is in your config.

Then from the internet you would connect to your publicIP-B in the drawing above from your remote location using openvpn client. It would then create a tunnel network between you using

server 10.8.0.0 255.255.255.0

per your config - so not sure where you got 10.11 from? And tells client on the other end that hey if you want to get to off your network go down the tunnel

push "redirect-gateway def1"

Which is not really a good config for this sort of setup, you would must rather just push a route to your nas network vs changing the gateway.

something like

push "route 192.168.100.0 255.255.255.0"

Anyhoo your connection would then be like this

post-14624-0-80795600-1383742395.png

And to connect to your NAS IP 192.168.100.87 your remote person would go through the VPN tunnel and directly access it. This still flows over the internet, but the details are hidden to you as the user, and from your machines point of view its just got a new network connection on 10.8 network - and it uses this connection to connect to the 192.168.100/24 network.

Link to post
Share on other sites
  • 0
nasvpn

Server config:

 

port 9411
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/myserver.crt
key /etc/openvpn/keys/myserver.key
auth-user-pass-verify /usr/sbin/vpn_check_account via-env
client-cert-not-required
username-as-common-name
no-name-remapping
dh /etc/openvpn/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.100.29"
client-to-client
duplicate-cn
keepalive 10 60
reneg-sec 0
cipher AES-256-CBC
comp-lzo
max-clients 5
client-connect /etc/openvpn/connect.sh
client-disconnect /etc/openvpn/disconnect.sh
management localhost 7505
persist-key
persist-tun
status /var/log/openvpn-status.log
#log /tmp/openvpn.log
verb 3

 

Client config:

 

client
dev tun
proto udp
remote 192.168.100.87 9411
resolv-retry infinite
nobind
ca ca.crt
auth-user-pass
reneg-sec 0
cipher AES-256-CBC
comp-lzo

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.