How-To: Setting Up OpenMediaVault Remote Access with OpenVPN

How-To: Setting Up OpenMediaVault Remote Access with OpenVPN

By Mikeal Tadeo

Do you have a NAS running OpenMediaVault, or are you looking to build one, and want to access your files remotely? Look no further!

Before we begin, make sure you have set a static internal IP address for your NAS and that you have the port forwarded (port 1194 in this case). If you don’t set a static internal IP, you could lose access to your NAS and may have to redo steps. Setting a static internal IP varies from router to router, so look online for router-specific guides. For a static public IP address, you will need to contact your ISP, for which the price varies. Your public IP address may not change, sometimes not for years, but it is worth mentioning as we will be using the public IP address.

Another alternative is to use a Dynamic DNS service, such as DuckDNS. This allows you to use a domain that automatically updates along with your public IP address. More information on how to set up DuckDNS can be found here.

To begin, navigate to System>OMV Extras. In the search bar near the top, search for OpenVPN. Select OpenVPN and again near the top, select install. This will install the OpenVPN plugin. A reboot may be required to finish the installation.

(Hint: Right-Click on image and select "View Image" to see it in a larger size - when done, click the browser's "Back" button to return to the article)

Next, we will configure OpenVPN. Once the plugin is installed, navigate to Services>OpenVPN. In this window, make sure PAM authentication is turned on under General Settings, the Gateway Interface is set to the correct device (in my case it is eth0), and make sure that Use Compression is turned off (according to OpenVPN there is currently an exploit that gains access only if you use compression. Read more about it here). Your public address is your public IP. Make sure that you have the port forwarded in your router, port 1194 in this case, for the NAS’s IP.

After these three settings have been configured, at the top navigate to Certificates. Select Add and then select a user and give it a secondary name. This will create the access certificate. Download the certificate using the Download button. This will be used in the next step.

Next, we need to install the VPN access software. Go to OpenVPNs community download, located here (Windows version) and here (Mac version, but currently untested by me) and install the program. After you install the program, find the install folder (usually located at C:\Program Files\OpenVPN\Config) and put the items from the downloaded .rar into the Config folder. Once the certificate files are in the folder, run the OpenVPNGUI program and you should see the window below. The login will be whichever user you selected when creating the certificate and the password associated with that user (note that you will be using the OpenMediaVault users). I suggest that you create a specific certificate for each user you will be connecting.

After you are successfully connected, you should be able to connect network shares as if you were on the home network, using the router’s IP address for your NAS (the internal, not public IP). Enjoy!

If you are using VPN on a Mac, you may also want to check out softwarehow.com/best-vpn-mac.

Check out our single-board computers and NAS offerings.

Previous article How-To: Install Debian on ODROID-HC4 via Petitboot

Comments

Daan den Dikken - September 2, 2021

Where can i access my files? I have a working connection with openvpn on OMV5, but i dont understand how to access my files.

Bo - June 11, 2021

@Mustafa: “The login will be whichever user you selected when creating the certificate and the password associated with that user (note that you will be using the OpenMediaVault users).”

Mustafa - June 11, 2021

I did everything works perfectly but I couldn’t find what are username and password what is username and password

Tadeu Botelho - June 1, 2021

The article fits perfectly on May 31, 2021. I just followed the step and step and it worked perfectly. In less than 5 minutes I managed to make OpenVPN work on OMV version 5.

note:
Virtually nothing has changed in the OpenVPN to OMV interface in the past 2 years.

Thanks

Bo - December 23, 2020

@HelenHH – This article was written two years ago, so OMV has undoubtedly evolved over that time. We have a very limited staff, and the employee who wrote this article has moved on. We do accept submissions, so we’d love it if you would like to submit a more up-to-date article!

HelenHH - December 23, 2020

Article edits? How about looking at a version of OVM 10x newer than the version used to write the article. Entire screens are now different. It’s impossible to EVER follow this old article and get anything working correctly. Why keep a non-working article online at all?

Bo - November 12, 2020

@DonnaHere – This article was written two years ago, so OMV has undoubtedly evolved over that time. If you have any edits you can suggest making, we’d be happy to do that.

DonnaHere - November 12, 2020

Was this article written with an extremely old version of OpenMediaVault?
“Extras” doesn’t have a “search bar”…. and it doesn’t contain OpenVPN anyway.

SusanSS - November 4, 2020

> I suggest that you create a specific certificate for each user you will be connecting.

Huh?

112 employees? I’ll have to create 112 individual certs? No thanks.

Bo - May 14, 2019

Alex: Yes, you should use the dynamic DNS address instead so that you can access it even after your public IP changes.

Leave a comment

Comments must be approved before appearing

* Required fields

x