I previously had a PPTP VPN server running on my OSMC install. WIth iOS 10 killing support for PPTP, I need another solution, so I’m trying OpenVPN.
I had a look at www.pivpn.io, which looks promising. I had to install a missing package and modify the setup script to skip the OS version check, but the install worked - the OpenVPN server starts as expected, and I can connect to it from outside my home network using my iPhone running OpenVPN Connect. I get assigned a local IP 10.0.8.X, which I understand is as expected. Unfortunately when connected to the VPN server from my iOS client I have zero connectivity (can’t access devices on the LAN, can’t access the internet).
I’d like to troubleshoot the routing issues with my current OpenVPN install. I think that because OSMC isn’t running standard Debian that something is broken in my routes - I suspect it’s a reasonably easy fix but I’m just not sure how to troubleshoot. I’m happy to provide any debugging or config info anyone can suggest.
Does anyone who has an OpenVPN server up and working successfully on OSMC have any suggestions as to the troubleshooting or debugging steps I should follow to get my routing working? I’ve tried a couple of iptables commands suggested in other threads but they didn’t appear to fix anything.
Thanks in advance
By default OpenVPN is a Point-to-Point connection.
Check
For Sections:
Expanding the scope of the VPN to include additional machines on either the client or server subnet
Routing all client traffic (including web-traffic) through the VPN
1 Like
Thanks a lot - I’ll have a read of that. Appreciate the tip - I’m a novice at this.
I have openvpn running on my OSMC installation quote successfully, but it isn’t trivial to setup nicely.
You say you had to install an additional package, do you remember what it was?
Also what is the local addressing scheme on your LAN? A lot of people run into problems because the network they are connecting from and the one they are connecting to use the same 192.168.0.0/24 or 192.168.1.0/24 schemes. If the two LANs are on the same scheme you will inevitably have routing issues.
Lastly, OSMC uses connman for networking, not network manager and so doesn’t support scripts in ifup.d so you need to use iptables-persistent instead to ensure your nat rules are retained after each reboot.
Also worth noting is that openvpn will always fail to start on boot in OSMC due to issues with systemd, the only way round this is to add a line in rc.local to restart your openvpn server 20 seconds after boot up. Otherwise it will stop working at each reboot.
Hope this helps.
Fixed (I think)! I had a read of those docs and prepared for a long and tedious battle with detailed network config, way out of my depth…
For some reason (perhaps my fault when entering info during the setup script), my server.conf file had the following content (RPi address is 10.1.1.3):
# your local subnet push "route 10.1.1.3 25.255.255.0"
Simply changing this to:
# your local subnet push "route 10.1.1.0 255.255.255.0"
appears to have fixed everything. I now get local network access and internet access when connected to the VPN server just as desired.
Thanks again @fzinken for the steer.
Thanks @yknivag for the thoughts. I can’t remember the name of the missing package, it’s one that lets the setup script create a GUI in the Linux shell.
Just a note, I ran the www.pivpn.io setup script (with minor modification to avoid it telling me I had an unsupported OS) and I’ve had no issues with the server starting up - it comes up just fine on every reboot. The entry it created in iptables is persistent across reboots as well (as far as I can tell).
Assuming my setup is now working (I’m posting this while connected to the VPN), the whole process was remarkably easy - the setup script pretty much took care of everything (and I suspect my routing issue was my own fault for entering something wrong during the script).
I would imagine then (if you are certain that the server is running ok and that the iptables nat entries are present and correct) that your issue lies with your LAN being on the same adressing scheme as the network you are trying to connect to.
Whay local IP addresses are using on your LAN?
I’ve had a look at the scripts on that site and they assume the network management software is dhcpcd which isn’t used in OSMC. For it to successfully install the network configurations you will need to change more than just remove the os check.
You’ll need to review and possibly repeat the network and firewall configurations manually with respect to connman rather than dhcpcd.
This blog contains a full tutorial on how to both setup and troubleshoot OpenVPN on OSMC. It’s the one I followed.
You might have missed my post above - everything is working now. A minor change in a config file fixed it.
From what you are saying it sounds like I should be having more issues, but I’m not - it all appears to be working as expected. Not sure why. I just ran the install script, and then fixed the typo in server.conf, and it works.
The error in the server.conf will have been because the script didn’t get the correct details when it tried to query dhcpcd.conf for the network address.
Glad you got it working though.
1 Like