Bosse_B
Posts: 918
Joined: Thu Jan 30, 2014 9:53 am

Using an RPi4 as a backup server on a different network_

Mon Feb 24, 2020 1:13 pm

Can this be done?
1- RPi4 with a USB3 hard disk (4TB)
2- Hard disk served out by NFS or Samba
3- RPi4 located on a remote location (daughter's home)
4- RPi4 connected by WiFi on the remote network and from there onto the Internet via remote router
5- OpenVpn client on RPi4 connects automatically to home OpenVPN server via Internet
6- RPi4 now visible on the home network and can be used as file store

I have tested item #5 on an RPi4 to connect manually via terminal to a remote OpenVPN server and it does work, but AFAIK the RPi4 is in this case able to browse the remote network but is not visible itself on that network (item #6)...

The plan is to configure an RPi4 with a big disk and let it run on my daughter's network to serve as a backup storage server for backups made on my own home LAN.
This would then be an off-site location for backups in case there is a fire etc...

Can it be done and if so how should I configure the two ends?
Bo Berglund
Sweden

epoch1970
Posts: 4447
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Using an RPi4 as a backup server on a different network_

Mon Feb 24, 2020 1:30 pm

Would you eschew OpenVPN and use Syncthing for that purpose?
Setup aside, running NFS or samba over a tunnel is a bit of a misery. Synchting on the other hand has some interesting knobs, like bandwidth throttling. Invented by a swede, BTW.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Bosse_B
Posts: 918
Joined: Thu Jan 30, 2014 9:53 am

Re: Using an RPi4 as a backup server on a different network_

Mon Feb 24, 2020 1:54 pm

Since I have set up a lot of OpenVPN servers already, that would be the route I'd take.
I don't know what "Syncthing " is...
However, all of my previous setups have been for access to the network the OpenVPN server sits on from another network. Both with and without routing from that network onto the Internet.
I have only ever set up clients that are manually controlled locally for connecting to the server's network and beyond...

So I am unsure if it is at all possible to let the remote device automatically connect "home" with OpenVPN and then be able to connect to that client's resources "backwards" through the tunnel from a computer on the server side network...
Bo Berglund
Sweden

epoch1970
Posts: 4447
Joined: Thu May 05, 2016 9:33 am
Location: Paris, France

Re: Using an RPi4 as a backup server on a different network_

Mon Feb 24, 2020 2:13 pm

https://openvpn.net/community-resources ... er-subnet/
Describes setup for routing LAN machines situated behind the server or a client. Routed tunnel, not bridged.

https://syncthing.net
If you want to know.
"S'il n'y a pas de solution, c'est qu'il n'y a pas de problème." Les Shadoks, J. Rouxel

Bosse_B
Posts: 918
Joined: Thu Jan 30, 2014 9:53 am

Re: Using an RPi4 as a backup server on a different network_

Mon Feb 24, 2020 8:09 pm

Thanks, but I am not sure how to apply the info in your linked document to my situation...

To clarify:
I already have an OpenVPN server set up on an Ubuntu 18 LTS machine in my home.
It is set up so I can access my home LAN including computers and printers from anywhere
It also routes traffic to the Internet so I can watch geo-located sites in Sweden when abroad

Clients connecting to this OVPN server are "connected" to the LAN from their point of view.

What I do not know how to accomplish is to configure the system such that when the remote RPi4 connects by OVPN it will be possible for me on my Windows 10 laptop or on another local RPi to contact the now connected client.
For example to start an FTP or SSH session towards it or access a shared resource/disk on the client.
I am NOT looking for a way to go past the remote client onto his local LAN, though.

When I was using Microsoft PPTP VPN (about 10 years ago) the VPN server on Windows would assign an IP address for the connected client within the local LAN and it was then possible for hosts on the LAN to "see" the connected client.
But with OpenVPN the client is assigned an IP address like 10.8.xx.yy and this is not visible on the server side LAN.

So how can I configure something (and where) in order for the client to be "visible"?
Bo Berglund
Sweden

User avatar
rpdom
Posts: 16314
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: Using an RPi4 as a backup server on a different network_

Mon Feb 24, 2020 8:21 pm

I think the configuration you're wanting can be done via OpenVPN, but I can't remember how.

I use a different VPN (tinc) via an external server. Any machine that is allowed to connect to that server with tinc is given a 192.168.x.x IP address on my home LAN and can be used as if it were local.

Bosse_B
Posts: 918
Joined: Thu Jan 30, 2014 9:53 am

Re: Using an RPi4 as a backup server on a different network_

Mon Feb 24, 2020 9:04 pm

The OpenVPN server config is set to give connecting clients an IP address for the tunnel endpoints and it is usually something like 10.8.xx.yy.
In order for the client to reach out onto the local network and then to the Internet one has to configure IPTABLES to do the forwarding from that address onto the LAN address range and use its gateway.

But I have no idea how to go the other way from the server side LAN towards the connected client.
Should be possible....
Bo Berglund
Sweden

Bosse_B
Posts: 918
Joined: Thu Jan 30, 2014 9:53 am

Re: Using an RPi4 as a backup server on a different network_

Tue Feb 25, 2020 10:53 am

I figured it out now!
Turns out that any client connected to my OpenVPN server with access to the server side LAN will use the OpenVPN server machine as gateway.
This means that it will be accessible provided that one knows the IP address of its tunnel and that one sets up a route to it with the gateway being the OVPN server machine.
So on Windows 10 I did this in a terminal running as admin:

Code: Select all

route add 10.8.0.0 mask 255.255.255.0 192.168.119.216 metric 28
Here the client tunnel address is 10.8.0.2 and the OVPN server's address is 192.168.119.216 (an Ubuntu 18 server).

Now I am able to ping the client from Windows when it is connected and no response if it is not connected.
I have not yet been able to verify the full operation of this since I need to find a network I can put the RPi4 on, which is not my own...
Bo Berglund
Sweden

Return to “General discussion”