OpenVPN or Wireguard tutorial?

Could someone point me to a tutorial for getting OpenVPN working on a Vero 4K+? If possible I’d like to be able to turn it on and off from inside the Kodi UI.

EDIT: We seem to have ended up talking about Wireguard quite a lot in this thread, too, so I’ve amended the subject line.

What you want OpenVPN for?

IMHO, wireguard is way easier to setup. Kind of like SSH for network connections.
And there are several nice UI’s (web-based) you can use to manage the users/accesses on it.

1 Like

Feel free to point me towards a Wireguard tutorial as well. :slightly_smiling_face:

For the Wireguard installation: How To Set Up WireGuard on Ubuntu 20.04 | DigitalOcean (My firewall runs ubuntu, so that’s why I have that one).

For the UI: GitHub - ngoduykhanh/wireguard-ui: Wireguard web interface

Since I discovered it, I leave the openvpn stuff on but only because legacy!

That’s about ten times more complex than I can possibly handle: for starters, I don’t have anything else I could run a Wireguard server on. I just need a way to run a VPN client on the Vero 4K+ itself that can connect to a commercial VPN service (I’m trying Surfshark at the moment).

For a Client, yes. Even though wireguard for a client is about copying a wg.conf file into /etc/wireguard and start the wireguard service (if they - commercial VPN - have it).

@angry.sardine this should handle all your needs!

Matrix version:

Hey Tom
I just wrote a tutorial and posted it a few minutes ago.
Everything works except I can’t get it to autostart at boot time and pick up SurfSharks DNS servers. Give it a try.

Would this work on a Vero 4K as well?

Hi angry.sardine,

Both should work fine. For wireguard if you are running the latest osmc update, don’t install the backport repositories as they are not needed and are for buster.

Regards Tom.

just in case somebody stumbles over this topic trying to configure wireguard (as I did) and hitting a dead end as the pastes in the linked thread are down by now (as expected), I share with you my pseudo-tutorial (what eventually worked for me) to set up a Vero as a WireGuard “client”:

ssh to your Vero
first we install wireguard and openresolv, which you need if you want to provide a DNS in your conf

sudo apt install wireguard-tools
sudo apt install openresolv

now we configure the client (you can name wg0 however you want, just change it accordingly in the following):

sudo nano /etc/wireguard/wg0.conf

paste the config, save and exit nano
you can now establish and test the connection with

sudo wg-quick up wg0
sudo wg

if you want to have the connection to be automatically established, you can enable a system.d service. we will first manually disconnect, then configure the service and test it:

sudo wg-quick down wg0
sudo systemctl enable wg-quick@wg0.service

I think it is prudent to wait for network in this case, so we edit the service and add connman-wait-for-network.service to the Wants and After line in Unit, so it looks like this in the beginning::

sudo nano /lib/systemd/system/wg-quick@.service

[Unit]
Description=WireGuard via wg-quick(8) for %I
After=network-online.target nss-lookup.target
Wants=network-online.target nss-lookup.target connman-wait-for-network.service
After=connman-wait-for-network.service
PartOf=wg-quick.target

now we can start the service and test it:

sudo systemctl start wg-quick@wg0.service
sudo systemctl status wg-quick@wg0.service
sudo wg

now it should work. hooray.

feel free to point out problems with my approach, I’m pretty much learning as I go. What tripped me up was the resolve error when having a DNS = line in the conf. it got sorted by installing openresolv.

cheers

1 Like