matomo

Install OpenVPN on FreeNAS

1. (Optional) Create jail

If you want OpenVPN to run in a jail, you must first create one. If you already have jail, or don't want to use it go to step 2.

Go to the FreeNAS GUI. In the menu, click on JailAdd Jail. Enter ovpn as the name for the jail.

2. Enable SSH

SSH:ing into your FreeNAS server with the root account is disabled by default. You will therefore have to create a new user. In the menu, click on AccountsUsers. Click on ADD and fill out the form. Check the box to permit sudo on the account.

In the menu, click on Services. Make sure SSH is On. In the left menu, click on ServicesSSH.

3. SSH to the NAS

Use a SSH client to SSH to your NAS. If you're on Windows, we suggest Putty. If you're on macOS or Linux, use the terminal.

4. Enter the jail (if created)

If you're using a jail, we now need to enter it. Write:

jls

Locate the JID for the jail you want. The name for the jail is under the Hostname column.

jexec REPLACE WITH THE JID tcsh

5. Enter the jail (if created)

If you're using a jail, we now need to enter it. Write:

jls

6. Elevate privileges

sudo su -

7. Enable auto start

echo 'openvpn_enable="YES"' >> /etc/rc.conf && echo 'openvpn_enable="YES"' >> /conf/base/etc/rc.conf
echo 'openvpn_configfile="/usr/local/etc/openvpn/openvpn.conf"' >> /etc/rc.conf && echo 'openvpn_configfile="/usr/local/etc/openvpn/openvpn.conf"' >> /conf/base/etc/rc.conf

8. Download the configuration you want

9. Enter your login credentials

echo "CHANGE TO YOUR USERNAME" >> /usr/local/etc/openvpn/credentials
echo "CHANGE TO YOUR PASSWORD" >> /usr/local/etc/openvpn/credentials
cp /usr/local/etc/openvpn/credentials /conf/base/etc/local/openvpn/credentials

10. Start OpenVPN and see that everything works

/usr/local/etc/rc.d/openvpn start

11. Verify that the connection was successful

Wait about 30 seconds and then run:

curl https://www.ovpn.com/v2/api/client/ptr

You should see something like:

{"status":true,"ip":"the external ip","ptr":"PTR for the IP address"}

12. Done

Congratulations! Your device is now protected behind OVPN and will automatically connect on reboots. If you encountered any issues, please send the log file (/tmp/openvpn.log) to our support.

Troubleshooting

In case the connection was not set up properly when you verified it in the previous step, please send us the OpenVPN log so we can assist. You can retrieve it by writing:

sudo -i
cat /tmp/openvpn.log

You can also check if OpenVPN is running properly by writing:

ps aux|grep openvpn