Release a VPN app for he EX and DL series NASs

I need votes of this idea.  :slight_smile:

http://community.wd.com/t5/Network-Product-Ideas/Release-a-VPN-app-for-he-EX-and-DL-series-NASs/idi-p/897095

Hello, 

Its a great idea, I just voted it up myself.

Thanks. it just dawned on me. The EX’s and DL’s do apps. There is no real reason that this functionality can’t be added as an app.  Everything to allow to make the NAS into a VPN server is there. Just lacking a useful user-friendly UI to shield the user from a complicared OpenVPN command line and set-up.

Thanks for the vote.

Myron wrote:

Thanks. it just dawned on me. The EX’s and DL’s do apps. There is no real reason that this functionality can’t be added as an app.  Everything to allow to make the NAS into a VPN server is there. Just lacking a useful user-friendly UI to shield the user from a complicared OpenVPN command line and set-up.

 

Thanks for the vote.

It’s definately do-able.  I’m running an EX4100 with the “qnapware” packages installed and the openvpn components on it, works well on this platform.  I have this unit at home and VPN to it from my workplace to access resources on my home network.  I’ve only got it to work with certificate based authentication at this stage, but no reason why it could not work with user and password (except for the non persistent password files on the unit betwen reboots).

openvpn is already on all the WD NASes. Just needs an app to apply the necessary configuration and run openvpn as a VPN server.

Myron wrote:

openvpn is already on all the WD NASes. Just needs an app to apply the necessary configuration and run openvpn as a VPN server.

Myron,

Ahh, just see what you mean :

root@WDMyCloudEX4100 / # ls -al /usr/local/modules/sbin/openvpn
-rwxr-xr-x 1 root root 172 Jun 24 14:21 /usr/local/modules/sbin/openvpn

root@WDMyCloudEX4100 / # ls -al /usr/local/modules/sbin/openvpn.bin
-rwxr-xr-x 1 root root 506948 Jun 24 14:21 /usr/local/modules/sbin/openvpn.bin

Happens to be the same version as what is in qnapware, so could have seved myself some work…  Oh well!!!

This is what’s on the FL4100:

root@ZEUS root # ls -al /usr/local/modules/sbin/openvpn
-rwxrwxr-x 1 root root 604576 Sep 7 02:13 /usr/local/modules/sbin/openvpn
root@ZEUS root # openvpn --version
OpenVPN 2.3.0 x86_64-intel-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Apr 28 2015
Originally developed by James Yonan
Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net>
Compile time defines: enable_crypto=yes enable_debug=yes enable_def_auth=yes enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_eurephia=yes enable_fast_install=yes enable_fragment=yes enable_http_proxy=yes enable_iproute2=no enable_libtool_lock=yes enable_lzo=yes enable_lzo_stub=no enable_management=yes enable_multi=yes enable_multihome=yes enable_pam_dlopen=no enable_password_save=yes enable_pedantic=no enable_pf=yes enable_pkcs11=no enable_plugin_auth_pam=no enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_small=no enable_socks=yes enable_ssl=yes enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=no enable_win32_dll=yes enable_x509_alt_username=no with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_plugindir='$(libdir)/openvpn/plugins'
root@ZEUS root #

My disadvantage is that I’ve never had a need to play with openvpn so I got a very steep llearning curve on this one.

From your experience, any quick start guides out there?

Myron wrote:

This is what’s on the FL4100:

 

My disadvantage is that I’ve never had a need to play with openvpn so I got a very steep llearning curve on this one.

 

From your experience, any quick start guides out there?

Myron,

Pretty much just followed the guide at openvpn ( https://openvpn.net/index.php/open-source/documentation/howto.html)) and made minor adjustmnets to the locations of files and the like…  I’ve only got it using certificates at this stage but might be possible to hook it up to PAM and create users through the Web GUI so they are persistent between reboots.  Also might be able to look at an external script for authentication as well.

Happy to give you a hand if you take the plunge…

Cheers,

JediNite