NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Trying to use VPN with local services
Hi all. I've got a paid-for VPN service (NordVPN) that I'm wanting to use, specifically, for transmission. I also have SSH/sickrage/etc running and have OpenVPN server running so that I can VPN into my home when I'm traveling to access anything at the house.
When NordVPN is running, it is bound to tun1 and I have scripts that bind transmission/SR/NZB/etc to the tun1 interface when they start up. This prevents them from listening on the local eth0, (home LAN, 10.10.10.0/24).
SSH is bound to all interfaces; because ReadyNAS OS won't let you change this setting. I've tried and it get's reverted on reboot. Other things, sickrage/python-stuff/etc are bound to 10.10.10.202 (servers static local IP).
When I'm at home, with NordVPN connected and working, my laptop has no problems connecting to anything running on the NAS over local house network.
However, when I'm away, say at local Starbucks, I cannot SSH and cannot VPN into my server (yes I have proper ports forward at the router). I'm assuming this is because packets come in via 10.10.10.202 but get sent out the default route which is NordVPN, who then drops my packets. Thus, no services work while NordVPN is connected. If I turn off NordVPN, everything works from home and from coffee shop.
How can I configure my ReadyNAS so that even if NordVPN is up and running, all my other services continue to work from home and from coffee shop?
I saw a solution based on using iptables conntrack, but that module is unavailable to ReadyNAS users as it's not part of the provided kernel/OS.
utdrmac4 wrote:I could also run the OpenVPN server on my RPi3
One big advantage of doing that is that you don't mess with ReadyNAS OS. I don't know if your unit is still entitled to Support, but if you modify the system, then you might not get any Support (Hardware warranty is separate). Also, you're not bound to remain on the same ReadyNAS OS version, etc. One downside is that, depending on your broadband speed, the RPI will be a bottleneck, because of the FastEthernet port, hairpinning and weak CPU for encryption of the packets.
I think using a RPI to enhance features of a proprietary NAS is a good approach. I used to do just that, now I use docker, which is unfortunately still not available on ReadyNAS.
6 Replies
Replies have been turned off for this discussion
Can you set up a separate VPN in your router ( i.e. OpenVPN) specifically to allow you to access your network while away from home?
Then your remote device will look like it's on your local house network.
No, my router doesn't support that kind of functionality. As a side note, I could also run the OpenVPN server on my RPi3, but I was trying to keep all "server" related software on the NAS.
utdrmac4 wrote:I could also run the OpenVPN server on my RPi3
One big advantage of doing that is that you don't mess with ReadyNAS OS. I don't know if your unit is still entitled to Support, but if you modify the system, then you might not get any Support (Hardware warranty is separate). Also, you're not bound to remain on the same ReadyNAS OS version, etc. One downside is that, depending on your broadband speed, the RPI will be a bottleneck, because of the FastEthernet port, hairpinning and weak CPU for encryption of the packets.
I think using a RPI to enhance features of a proprietary NAS is a good approach. I used to do just that, now I use docker, which is unfortunately still not available on ReadyNAS.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
