OpenVPN setup & usage

lukasberan · October 18, 2017, 1:18pm

Hi.

I am going to buy Turris Omnia and the main reason is powerful router with full IPv6 support and VPN server. I have 100 Mbit/s up/down connectivity with dualstack and I want to provide this connectivity to a small office (5 computers or so). But the main question is about VPN. I’ve never used OpenVPN on my private Turris 1.0. I’d like to get as high speed as possible also for OpenVPN clients, but based on this discussion the speed will be around 50-60 Mbit/s max., correct? VPN Performance on Marvell CPU

Is IPv6 also supported for OpenVPN? I mean when I will be connected from dualstack network, it will use IPv6 connectivity to the VPN server and then IPv6 connectivity to the Internet? I will use a domain name for the router’s public IPs with both A and AAAA records. And if I will be on IPv4-only network, I will be connected via IPv4 to the VPN server but I’ll get IPv6 IP and connectivity from the VPN server?

And is there any update about routing all packets through the VPN server, or do we have to still configure it manually like here? OpenVPN server easy and fast

Thank you

turrisuser · June 30, 2018, 9:23pm

If you want 100Mbit and above speeds on Omnia, forget about OpenVPN and try Wireguard.
I currently use a public VPN service and reach 300Mbit up/down speeds on Omnia with Wireguard.
Both IPv4 and IPv6 are supported in any configuration you wish, setup is really easy via Luci/CLI.

vgivanovic · August 4, 2018, 10:34pm

@turrisuser Could you point me in the right direction for the really easy [setup] via LuCI/CLI?
Where is the wireguard opkg? It is definitely not in the standard distribution.

Thanks.

turrisuser · August 5, 2018, 2:32am

It’s actually very easy, I just followed the steps from the guide of my VPN provider (Mullvad).

When you install the luci-proto-wireguard package from Luci, it will also install all other
required packages like wireguard kernel module and the binary client.

There is another provider called AzireVPN which offers a similar guide,

Those are the only 2 commercial VPN providers I’m aware of who provide Wireguard servers.

anon50890781 · August 5, 2018, 1:03pm

kmod-wireguard
luci-proto-wireguard
wireguard-tools

vgivanovic · August 6, 2018, 3:30am

My apologies! I was sure I checked the distribution – actually, several times – but apparently either I can’t type or I can’t spell or I can’t read.

Thanks.