Virtual Private Network (OpenVPN)

What is OpenVPN?

OpenVPN provides to your FreedomBox a virtual private network service. You can use this software for remote access, site-to-site VPNs and Wi-Fi security. OpenVPN includes support for dynamic IP addresses and NAT.

Port Forwarding

If your FreedomBox is behind a router, you will need to set up port forwarding on your router. You should forward the following ports for OpenVPN:

Setting up

  1. In Plinth apps menu, select Virtual Private Network (OpenVPN) and click Install.

  2. After the module is installed, there is an additional setup step that may take a long time to complete. Click "Start setup" to begin.

    OpenVPN service page

  3. Wait for the setup to finish. This could take a while.
  4. Once the setup of the OpenVPN server is complete, you can download your profile. This will download a file called <USER>.ovpn, where <USER> is the name of a FreedomBox user. Each FreedomBox user will be able to download a different profile. Users who are not administrators can download the profile from home page after login.

  5. The ovpn file contains all the information a vpn client needs to connect to the server.
  6. The downloaded profile contains the domain name of the FreedomBox that the client should connect to. This is picked up from the domain configured in 'Config' section of 'System' page. In case your domain is not configured properly, you may need to change this value after downloading the profile. If your OpenVPN client allows it, you can do this after importing the OpenVPN profile. Otherwise, you can edit the .ovpn profile file in a text editor and change the 'remote' line to contain the WAN IP address or hostname of your FreedomBox as follows.

client
remote mybox.sds-ip.de 1194
proto udp

Browsing Internet after connecting to VPN

After connecting to the VPN, the client device will be able to browse the Internet without any further configuration. However, a pre-condition for this to work is that you need to have at least one Internet connected network interface which is part of the 'External' firewall zone. Use the networks configuration page to edit the firewall zone for the device's network interfaces.

Usage

On Android/LineageOS

  1. Visit FreedomBox home page. Login with your user account. From home page, download the OpenVPN profile. The file will be named username.ovpn.

    • OpenVPN Download Profile

  2. Download an OpenVPN client such as OpenVPN for Android. F-Droid repository is recommended. In the app, select import profile.

    • OpenVPN App

  3. In the select profile dialog, choose the username.opvn file you have just downloaded. Provide a name for the connection and save the profile.

    • OpenVPN import profile

  4. Newly created profile will show up. If necessary, edit the profile and set the domain name of your FreedomBox as the server address.

    • OpenVPN profile created

      OpenVPN edit domain name

  5. Connect by tapping on the profile.
    • OpenVPN connect

      OpenVPN connected

  6. When done, disconnect by tapping on the profile.
    • OpenVPN disconnect

On Debian

Install an OpenVPN client for your system

$ sudo apt install openvpn

Open the ovpn file with the OpenVPN client.

$ sudo openvpn --config /path/to/<USER>.ovpn

Checking if you are connected

On Debian

  1. Try to ping the FreedomBox or other devices on the local network.

  2. Running the command ip addr should show a tun0 connection.

  3. The command traceroute freedombox.org should show you the ip address of the VPN server as the first hop.

https://community.openvpn.net/openvpn

Back to Features introduction or manual pages.


Intro

Information

Support

Contribute

Reports

Promote

Vision

Hardware

Live Help

Where To Start

Translate

Calls

Talks

Overview

Download

Q&A

To Do

Design

Releases

Press

Features

Manual

Contributors

Code

Blog

FreedomBox for Communities

FreedomBox Developer Manual

HELP & DISCUSSIONS: Discussion Forum - Matrix - Mailing List - #freedombox irc.debian.org | CONTACT Foundation | JOIN Project

Next call: Saturday, April 13 at 14:00 UTC

This page is copyright its contributors and is licensed under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license.


CategoryFreedomBox