Register for the iXsystems Community to get an ad-free experience

SOLVED OpenVPN on router or FreeNAS?

Western Digital Drives - The Preferred Drives of FreeNAS and TrueNAS CORE
Status
Not open for further replies.

sfryman

Dabbler
Joined
Dec 11, 2016
Messages
13
I would like to set up OpenVPN so that I can monitor & troubleshoot my home network while I'm away. Plex or Transmission occasionally stop working and then I get a call from the wife. It's really hard troubleshooting over the phone.

My question is whether it's better to set up OpenVPN on the FreeNAS server or on my router. I have an Asus RT-AC88U running the latest Merlin firmware, which supposedly supports OpenVPN. My thinking was that installing it on the router would be better because it's one less link in the chain in case the server fails. If setup on FreeNAS and the server goes down, no VPN. If OpenVPN was on the router however then I could still VPN into the server's IPMI and re-start.

The problem with this plan is I haven't found a good tutorial for setting up OpenVPN on my router, so I am having trouble with it. But there is a good tutorial for FreeNAS: https://forums.freenas.org/index.ph...-6-with-access-to-remote-hosts-via-nat.22873/
I am basically a noob at this stuff, but these instructions seem easy enough for me. With the right guidance I can usually get this kind of thing to work.

sorry this is kinda long
tldr: Is it "better" to setup OpenVPN on my router or is there some advantage to doing it on the FreeNAS server?
 

snaptec

Guru
Joined
Nov 30, 2015
Messages
502
If your Router fully Supports it, Go for the router way.
If Not, on the FN with the disadvantages you mentioned.

In my opinion the perfect Solution:
Openvpn on pfsense as router.


Gesendet von iPhone mit Tapatalk
 

diedrichg

Wizard
Joined
Dec 4, 2012
Messages
1,319
Router. I have the stock firmware on the AC66U and it works without a hitch. It's incredibly simple to set, just Google "openvpn settings ASUS router" and you'll get some hits on the ideal settings. AES, forwarding traffic, etc.
 

scrappy

Patron
Joined
Mar 16, 2017
Messages
347
Go with the router if possible. That way, if you need to shut down or restart FreeNAS you'll still have a connection to your network regardless.
 

nojohnny101

Wizard
Joined
Dec 3, 2015
Messages
1,476
Go with the router if possible. That way, if you need to shut down or restart FreeNAS you'll still have a connection to your network regardless.
I agree with this. FreeNAS has always been a NAS first, that is what it was designed to do. Anything you setup in a jail or VM is secondary and should be non-critical things. People who do not know what they are doing often pile too functions onto FreeNAS and get upset when it breaks or underperforms when in reality it was never designed to do anything other than serve files.

Also I am too lazy to look up specs on your particular router, but I read a recent thread on here discussing the best hardware for a VPN solution and it was mentioned multiple times in that thread that consumer routers are often underpowered and get bogged down with the encryption standards, therefore robbing people of their internet speeds. So just be cognizant of that. You can always test it out on the router you have now and see if you run into any bottlenecks due to its internals.

Good luck.
 

Redcoat

MVP
Joined
Feb 18, 2014
Messages
2,655
I have the AC66U with Merlin firmware sitting behind a bridged cable modem - no problems detected with remote access, file transfer, with its OpenVPN implementation.
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
13,842
I read a recent thread on here discussing the best hardware for a VPN solution and it was mentioned multiple times in that thread that consumer routers are often underpowered and get bogged down with the encryption standards,
Yeah, if you need high VPN throughput, you probably need a higher-spec router. But for occasional remote access to your network, there really shouldn't be a problem.
 

sfryman

Dabbler
Joined
Dec 11, 2016
Messages
13
Thanks for the input, everyone. It was embarrassingly easy to setup OpenVPN on the router when I just tried it..I was attempting to manually create keys from what turned out to be wrong instructions.

Also just fyi I checked load on the Asus from the Web portal while using OpenVPN (1 client only), Core1 hovers around 10%, Core2 is ~1%. The RT-AC88U is a pretty high-end (expensive) router, so it should be fine for me.
 
Status
Not open for further replies.
Top