I am using a Allo Boss DAC for Roon connectivity. I am looking to put the DAC at a remote location and access my server through a L2TP VPN connection. I am looking for a VPN CLIENT that will allow me to do this in DietPi, and make sure all the traffic goes through the VPN connection. How can I do this? What app should be downloaded?
Are you bound to L2TP? That does not work with the VPN clients we offer through DietPi-Software. So if OpenVPN or WireGuard is an option, that would work.
I have no experience with L2TP, which is usually paired with IPsec, which again is known to be a bid complicated to setup. However hopefully this guide helps you: https://gist.github.com/mietek/4877cd74423bf6925b92
JRaducha
Ah yeah that’s true, our OpenVPN install configures it as server. WireGuard allows to choose between server and client setup.
However for a client setup usually the config must be provided by the server. Perhaps the Qnap has an option to export a client config based on the VPN server configuration?
Generally the Debian guide explains and gives examples about how to setup both sides: https://wiki.debian.org/OpenVPN
A SSH tunnel is an alternative, but a VPN will be generally more secure, easier to be forced for all network requests on the client and faster (AFAIK) since it can be used with UDP protocol as well.
How to configure the client via command line - At least this is how it was explained to me.
OpenVPN server creates certificates for each VPN client machine. These certificates should be available on the client computer at the /etc/openvpn directory. Normally, we use the scp command and copy these files from the OpenVPN server to the machine.
Now, on the client machine it’s time to make a few edits in the client specific configuration file at /etc/openvpn/client.conf.
Here, we set the address of the OpenVPN server, the port configured on the OpenVPN server and the actual name of the certificate and key file names. Usually, the OpenVPN port will be 1194.
Hi, I have VPS server with openvpn installed. I use this vpn for my laptops, smartphone and osmc(Rpi3) but cannot make it work with dietpi. I try to copy my dietpi.ovpn file to /etc/openvpn and /etc/openvpn/clients. I also change name for dietpi.config but also don;t work. When I make command in ssh terminal I see:
dietpi@DietPi:/$ sudo service openvpn restart
dietpi@DietPi:/$ sudo openvpn --config dietpi.ovpn
Options error: In [CMD-LINE]:1: Error opening configuration file: dietpi.ovpn
Use --help for more information.
dietpi@DietPi:/$ sudo systemctl status openvpn@dietpi
Broadcast message from root@DietPi (Tue 2020-03-24 13:09:29 CET):
Password entry required for 'Enter Private Key Password:' (PID 4396).
Please enter password with the systemd-tty-ask-password-agent tool:
● openvpn@dietpi.service - OpenVPN connection to dietpi
Loaded: loaded (/lib/systemd/system/openvpn@.service; disabled; vendor preset: enabled)
Active: active (running) since Tue 2020-03-24 13:09:29 CET; 4s ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Main PID: 4394 (openvpn)
Status: "Pre-connection initialization successful"
Tasks: 2 (limit: 4616)
Memory: 1.2M
CGroup: /system.slice/system-openvpn.slice/openvpn@dietpi.service
├─4394 /usr/sbin/openvpn --daemon ovpn-dietpi --status /run/openvpn/dietpi.status 10 --cd /etc/openvpn --config /etc/openvpn/dietpi.conf --writepid /run/openvpn/dietpi.pid
└─4396 /bin/systemd-ask-password --icon network-vpn Enter Private Key Password:
mar 24 13:09:29 DietPi systemd[1]: Starting OpenVPN connection to dietpi...
mar 24 13:09:29 DietPi ovpn-dietpi[4394]: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/dietpi.conf:17: block-outside-dns (2.4.7)
mar 24 13:09:29 DietPi ovpn-dietpi[4394]: OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
mar 24 13:09:29 DietPi systemd[1]: Started OpenVPN connection to dietpi.
mar 24 13:09:29 DietPi ovpn-dietpi[4394]: library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
And still ask me for password. I generate ovpn file with password first time but then I delete it because of error and generate second file without password.
Regards Przemek
I cannot find any openvpn log file but I have in ssh terminal still apearing messeges:
Broadcast message from root@DietPi (Tue 2020-03-24 15:38:38 CET):
Password entry required for 'Enter Private Key Password:' (PID 8108).
Please enter password with the systemd-tty-ask-password-agent tool:
Broadcast message from root@DietPi (Tue 2020-03-24 15:40:13 CET):
Password entry required for 'Enter Private Key Password:' (PID 8203).
Please enter password with the systemd-tty-ask-password-agent tool:
Broadcast message from root@DietPi (Tue 2020-03-24 15:41:48 CET):
Password entry required for 'Enter Private Key Password:' (PID 8230).
Please enter password with the systemd-tty-ask-password-agent tool:
Broadcast message from root@DietPi (Tue 2020-03-24 15:43:24 CET):
Password entry required for 'Enter Private Key Password:' (PID 8254).
Please enter password with the systemd-tty-ask-password-agent tool:
^C
dietpi@DietPi:/var/log$ ls
alternatives.log apt btmp dietpi-move_userdata.log dpkg.log fail2ban.log lastlog letsencrypt lighttpd mysql php7.3-fpm.log private proftpd redis wtmp
dietpi@DietPi:/var/log$
Broadcast message from root@DietPi (Tue 2020-03-24 15:44:59 CET):
Password entry required for 'Enter Private Key Password:' (PID 8299).
Please enter password with the systemd-tty-ask-password-agent tool:
I think it’s because the first file dietpi.ovpn I create. That file was password protected. Second file with the same name dietpi.ovpn was without password but messeges still appear.
I am not familiar with ddns.net/nextcloud, but I suspect that you are redirecting all traffic to the VPN and these applications don’t work when they are behind VPN. Is that so?