*****************************************************
**NEWEST WORKING GUIDE IN 2017!! Freenas 11 U02**
****************************************************
adapted from this post: https://forums.freenas.org/index.ph...ith-openvpn-and-pia.24566/page-24#post-404858
Thanks Fizassist!
Install transmission via the webgui.
Have the following info ready:
USERNAME = UUUUUUUU
Password=PPPPPPPPPP
Restart your Jail via the Web GUI
Now to test:
if its different than your public ip (via a web browser on your computer) you're good.
Next is the Firewall portion so Transmission Only Connects to the internet via PIA.
See Step 3 & 4 from This Reddit link: https://www.reddit.com/r/freenas/comments/41fhz3/configuration_guide_for_openvpn_and_ipfw_so_that/
DON'T FOLLOW THE BELOW _ LEAVING IT FOR REFERENCES WILL NOT WORK 05 Oct 2017
**********************************************************************
*** 3 Years later edit:
1st) This has blown up! Thanks for all the support from everyone fixing issues with my original post.
2nd) Please see here:
OpenVPN doesn't need to do Portsnap any more
**EDIT - The great people on this forum have created an easy to use script (Link to Script by Jafrey) that automates what I outline below. I'd recommend doing it the 'hard way' once to understand what's happening, then use the automated script from then on. Thanks Jafrey!
Here's my first attempt at making an actual guide for PrivateInternetAccess (PIA) and OpenVPN.
I'm going to assume you are:
You'll need this URL: https://www.privateinternetaccess.com/openvpn/openvpn.zip
FYI - it's the files we're going to download in the jail.
Basically we're going to install OpenVPN creating a Portsnap OpenVPN version that allows us to save our username (USER1) and password (PASSWRD) to a txt file that will be used everytime the OpenVPN service is started.
HERE WE GO!
We've successfully created OpenVPN that will have an interactive passwords read from a file.
Yeay!
Now to set it up.
Getting very close to being done.
Now to see if it works!!
WORKED FOR ME (5 times).
Also - shoutout to a LOT of people on here. There are several works I used to make this:
LIKE this amazing post by mjws00
**NEWEST WORKING GUIDE IN 2017!! Freenas 11 U02**
****************************************************
adapted from this post: https://forums.freenas.org/index.ph...ith-openvpn-and-pia.24566/page-24#post-404858
Thanks Fizassist!
Install transmission via the webgui.
Have the following info ready:
USERNAME = UUUUUUUU
Password=PPPPPPPPPP
Code:
##Step 1: SSH into freenas. (I use PuTTy) ##Step 2: Get a list of jails root@freenas ~# jls JID IP Address Hostname Path 4 - transmission_1 /mnt/<volumename>/jails/transmission_1 ##Step 3: jexec into the jail (mine happens to be 4 - yours may vary) root@freenas ~# jexec 4 tcsh root@transmisssion_1:/ # ##run the following commands (say yes after any prompts): pkg update pkg install wget pkg install openvpn ##Type the following verbatim commands and press enter after each: cat > /etc/rc.conf.d/openvpn <<HERE openvpn_enable="YES" openvpn_configfile="/usr/local/etc/openvpn/openvpn.conf" HERE cd /tmp mkdir openvpn ; cd openvpn wget https://www.privateinternetaccess.com/openvpn/openvpn.zip --no-check-certificate unzip openvpn.zip ##Note (don't type this line) - if you want to use a different PIA portal, change the "US\ West.ovpn" portion to whatever ovpn you want. sed -i .bak 's/auth-user-pass/auth-user-pass pass.txt/' US\ West.ovpn printf "UUUUUUUU\nPPPPPPPPPP\n" > pass.txt mkdir /usr/local/etc/openvpn cp ca.rsa.2048.crt crl.rsa.2048.pem pass.txt /usr/local/etc/openvpn/ cp US\ West.ovpn /usr/local/etc/openvpn/openvpn.conf
Restart your Jail via the Web GUI
Now to test:
Code:
type: "wget -qO - http://wtfismyip.com/text"
if its different than your public ip (via a web browser on your computer) you're good.
Next is the Firewall portion so Transmission Only Connects to the internet via PIA.
See Step 3 & 4 from This Reddit link: https://www.reddit.com/r/freenas/comments/41fhz3/configuration_guide_for_openvpn_and_ipfw_so_that/
DON'T FOLLOW THE BELOW _ LEAVING IT FOR REFERENCES WILL NOT WORK 05 Oct 2017
**********************************************************************
*** 3 Years later edit:
1st) This has blown up! Thanks for all the support from everyone fixing issues with my original post.
2nd) Please see here:
OpenVPN doesn't need to do Portsnap any more
**EDIT - The great people on this forum have created an easy to use script (Link to Script by Jafrey) that automates what I outline below. I'd recommend doing it the 'hard way' once to understand what's happening, then use the automated script from then on. Thanks Jafrey!
Here's my first attempt at making an actual guide for PrivateInternetAccess (PIA) and OpenVPN.
I'm going to assume you are:
- A subscriber to PIA
- Have a username (hence forth USER1)
- Have a password (hence forth PASSWRD)
- Have transmission set up with storages attached. (probably add this portion later but check out here until then: Awesome Link
Note - you don't have to add the DLNA, Sickbeard or Couchpotato for the following guide to work. - Can get Transmission to download items by adding a torrent in some manner.
- Want Transmission to use OpenVPN to connect to the PIA servers
You'll need this URL: https://www.privateinternetaccess.com/openvpn/openvpn.zip
FYI - it's the files we're going to download in the jail.
Basically we're going to install OpenVPN creating a Portsnap OpenVPN version that allows us to save our username (USER1) and password (PASSWRD) to a txt file that will be used everytime the OpenVPN service is started.
HERE WE GO!
Code:
##Step 1: SSH into freenas. (I use PuTTy) ##Step 2: Get a list of jails root@freenas ~# jls JID IP Address Hostname Path 4 - transmission_1 /mnt/<volumename>/jails/transmission_1 ##Step 3: jexec into the jail (mine happens to be 4 - yours may vary) root@freenas ~# jexec 4 tsch root@transmisssion_1:/ # ##Step 4: install bash. May be prompted several times - reply Y then press enter each time. root@transmission_1:/ # pkg install bash ##step 5: install nano. Again, may be prompted several times. Reply Y each time. root@transmission_1:/ # pkg install nano ##Step 6: move to the /etc folder. root@transmission_1:/ # cd /etc root@transmission_1:/etc # ##Step 7: Fetch Portsnap via portsnap fetch root@transmission_1:/etc # portsnap fetch ## This will take a while to download and ask for several prompts - you know the drill.
Code:
##Step 8: Extract Ports to /usr/ports root@transmission_1:/etc # portsnap extract ## This will also take a long time and A LOT of scrolling will happen. It's normal. ##Step 9: Navigate to /usr/ports/security/openvpn root@transmission_1:/etc # cd /usr/ports/security/openvpn root@transmission_1:/usr/ports/security/openvpn # ##Step 10: Make a clean install which allows us to set the option of a password file. root@transmission_1:/usr/ports/security/openvpn # make install clean ## Blue screen should appear. Press the DOWN arrow and the SPACE bar to ensure the [ ] next to PW_Save ( 5th option down) has an X in it. ## should look this: x+[X] PW_Save Interactive passwords may be read from a file ## then press enter. Lots of things should happen now - and it will look like it's hanging. It's not. Just taking a while.
We've successfully created OpenVPN that will have an interactive passwords read from a file.
Yeay!
Now to set it up.
Code:
##Step 11: go to root directory of the transmission_1 jail. root@tranmission_1:/usr/ports/security/openvpn # cd / root@transmission_1:/ # ##Step 12: Enter Bash root@transmission_1:/ bash [root@transmission_1 /]# ##Step 13: Make a directory for OpenVPN & our files we download from PIA [root@transmission_1 /]# mkdir /usr/local/etc/openvpn ##Step 14: Add lines to the rc.conf so OpenVPN starts when the jail starts. [root@transmission_1 /]# cd / etc ##note - use Ctrl+o will write the file and Ctrl+X will exit. [root@transmission_1 /etc]# nano rc.conf ##File is open. ##Add the following (can copy/paste using ctrl+C then right clicking in the shell) openvpn_enable="YES" openvpn_configfile="/usr/local/etc/openvpn/openvpn.conf" ##Write via Ctrl+O. Press Enter ##Exit via Ctrl+X.
Code:
##Step 15: Move to a new folder (helps me keep things straight) [root@transmission_1 /etc]# cd /media/ [root@transmission_1 /media]# ##Step 16: wget the PIA files, you'll likely need to add --no-check-certificate so it will actually download. [root@tranmission_1 /media]# wget https://www.privateinternetaccess.com/openvpn/openvpn.zip --no-check-certificate ##Step 17: unzip the PIA openvpn files. [root@tranmission_1 /media]# unzip openvpn.zip ##Step 18: make a pass.txt file to hold your username and password. [root@tranmission_1 /media]# nano pass.txt ##Nano will pop up. ONLY type in the following (substituting your REAL username and password of course) USER1 PASSWRD ##Press Ctrl+o. call it pass.txt. then enter. then Ctrl+X ##Step 19: Configure the .ovpn file of your selected server. (I did UK London) [root@tranmission_1 /media]# nano "UK London.ovpn" ## On the auth-user-pass line add pass.txt after it like so: auth-user-pass pass.txt ####Press Ctrl+o. call it UK London.ovpn. then enter. then Ctrl+X
Getting very close to being done.
Code:
##Step 20: skipped. ##Step 21: Move the fixed PIA files into the correct folder we just created ##The actual OpenVPN files we created earlier. ##ca.crt next [root@transmission_1 /media]# cp /media/ca.crt /usr/local/etc/openvpn/ca.crt ##crl.pem next [root@transmission_1 /media]# cp /media/crl.pem /usr/local/etc/openvpn/crl.pem ##our pass.txt file we created [root@transmission_1 /media]# cp /media/pass.txt /usr/local/etc/openvpn/pass.txt ##finally renaming the <Server>.ovpn file to .conf file --- You'll have to use "" around the name if there is a space in it. [root@transmission_1 /media]# cp /media/"UK London.ovpn" /usr/local/etc/openvpn/openvpn.conf
Now to see if it works!!
Code:
[root@transmission_1 /]# /usr/local/etc/rc.d/openvpn start Starting OpenVPN
WORKED FOR ME (5 times).
Also - shoutout to a LOT of people on here. There are several works I used to make this:
LIKE this amazing post by mjws00
Last edited: