NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
arpanj2
Nov 14, 2014Tutor
Installing and running OpenVPN @ boot - PrivateInternetAcces
Hi All,    I have been trying to install OpenVPN and use PrivateInternetAccess (PIA) as my VPN Server on my ReadyNAS for a while now - my prime usecase was that I wanted all the connection to be encry...
- Nov 01, 2015Thanks to arpanj2 for starting the thread. I've found there are better and easier ways to do a few things which may have saved people some frustration. I hope this helps! If anyone wants to merge my suggestions with the original to create a definitive post, they're most welcome. Here are my changes: Step 5: It's probably a good idea to retrieve new lists of packages so that you fetch the latest version of openvpn: # apt-get update 
 ... # apt-get install openvpnIf you want an easier to use text editor, now is a good time to install nano: # apt-get install nano Step 8: If you installed nano, you probably want to use it: # nano userpass.file 
 ...Step 9 is where I depart a bit; I prefer to keep the unzipped PIA .ovpn files unmodified. Instead, I create a copy of my preferred PIA site then edit it as directed: # cp France.ovpn My.ovpn 
 ...Or, if you like one-liners: # sed s/"auth-user-pass"/"auth-user-pass userpass.file"/ France.ovpn > My.ovpn Steps 10 through 13a: There is no need to create a script or a cron job!!! New Step 10: Let's now test our config file by running OpenVPN in the background: # openvpn My.ovpn & You'll see console output which looks something like this: [1] 6938 
 root@hostname:/etc/openvpn# Sun Nov 1 01:26:49 2015 OpenVPN 2.2.1 arm-linux-gnueabi [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014
 Sun Nov 1 01:26:49 2015 WARNING: file 'userpass.file' is group or others accessible
 Sun Nov 1 01:26:49 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
 Sun Nov 1 01:26:49 2015 LZO compression initialized
 Sun Nov 1 01:26:49 2015 RESOLVE: NOTE: france.privateinternetaccess.com resolves to 13 addresses
 Sun Nov 1 01:26:49 2015 UDPv4 link local: [undef]
 Sun Nov 1 01:26:49 2015 UDPv4 link remote: [AF_INET]108.61.122.156:1194
 Sun Nov 1 01:26:49 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
 Sun Nov 1 01:26:51 2015 [Private_Internet_Access] Peer Connection Initiated with [AF_INET]108.61.122.156:1194
 Sun Nov 1 01:26:53 2015 TUN/TAP device tun0 opened
 Sun Nov 1 01:26:53 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
 ...
 Sun Nov 1 01:26:53 2015 Initialization Sequence CompletedIt might look as though you don't have a prompt, but you do. Just hit enter a to get a fresh one. New Step 11: Check the vpn is running with ifconfig: # ifconfig ...and do whatever testing you need with your applications. New Step 12: Find the job you created earlier and send it a TERM signal with the kill command: root@hostname:/etc/openvpn# jobs [1]+ Running openvpn My.ovpn & root@hostname:/etc/openvpn# kill -term %1 Sun Nov 1 02:23:54 2015 event_wait : Interrupted system call (code=4) root@hostname:/etc/openvpn# Sun Nov 1 02:23:54 2015 /sbin/ifconfig tun0 0.0.0.0 Sun Nov 1 02:23:54 2015 SIGTERM[hard,] received, process exiting [1]+ Done openvpn My.ovpn root@hostname:/etc/openvpn# New Step 13: Once you're happy with your configuration file, rename it to something ending in '.conf': # mv My.ovpn client.conf New Step 14: Start the OpenVPN init script: # /etc/init.d/openvpn start 
 [ ok ] Starting openvpn (via systemctl): openvpn.service.That's it, you're done! As installed by default on my RN104, the OpenVPN init script looks for .conf files in the default /etc/openvpn directory where we unzipped the PIA files and did everything else. The OpenVPN init script is also set by default to start with the other services at runlevels 2-5. This means the init script will start a connection using your .conf file when the system reboots. If you're like me, and prefer to access your ReadyNAS from the outside world using port forwarding configured on a router, you'll notice that turning on OpenVPN breaks remote access. I'll write another reply soon with directions on how to configure IP rules and routes on your ReadyNAS so that your port forwarding setup will function properly. Until then, TTFN! 
arpanj2
Jan 09, 2015Tutor
dannieboiz wrote: I've been looking for this for a long time. Couple questions before I jump on PIA 
How's your speed Externally?
How's your internal speed? Any issues accessing it locally? By doing this, how does it change the way you access the RN locally?
The speed has been fine for me but again I am on 105Mbps connection, so I don't feel the pinch. I have seen torrents go as high as earlier (maybe slight downside maybe because I am using a French server while in US?)
As for local access, nothing changes - I am getting the same speed and able to access the server over LAN without any extra config. Infact, readycloud works without a glitch too over internet (when I am outside home)
FilthyAmatuer wrote: Hi apanj2, thanks for the info. However I am still having problems getting OpenVPN to work, when I try to start the service I get: 
root@NAShome:/etc/init.d# service startvpn.sh start
Fri Jan 9 13:09:03 2015 OpenVPN 2.2.1 arm-linux-gnueabi [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014
Fri Jan 9 13:09:03 2015 WARNING: file 'pass.txt' is group or others accessible
Fri Jan 9 13:09:03 2015 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Jan 9 13:09:03 2015 LZO compression initialized
Fri Jan 9 13:09:03 2015 RESOLVE: NOTE: nl.privateinternetaccess.com resolves to 4 addresses
Fri Jan 9 13:09:03 2015 UDPv4 link local: [undef]
Fri Jan 9 13:09:03 2015 UDPv4 link remote: [AF_INET]109.201.135.220:1194
Fri Jan 9 13:09:08 2015 [Private_Internet_Access] Peer Connection Initiated with [AF_INET]109.201.135.220:1194
Fri Jan 9 13:09:10 2015 AUTH: Received AUTH_FAILED control message
Fri Jan 9 13:09:10 2015 SIGTERM[soft,auth-failure] received, process exiting
root@NAShome:/etc/init.d# AUTH: Received AUTH_FAILED control message
-bash: AUTH:: command not found
root@NAShome:/etc/init.d# Fri Jan 9 13:09:10 2015 SIGTERM[soft,auth-failure] received, process exiting
Any advice would be much appreciated. Thanks in advance?
From what I am seeing, your username and/or password looks wrong. I am not a Linux Guru, so if that doesnt help, would be better to ask help in the forum.
The format for userpass file is username on first line and password on the second line. Just to check if the server is running, just type the following command in command prompt - I would strongly suggest creating a file in Linux and not on windows and then transfer.
Navigate to the directory
cd /etc/openvpn
and then type (my file is France.ovpn)
openvpn France.ovpn 
Related Content
NETGEAR Academy
 
 Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 
Join Us!
