External VPN access to LE box behind FW...

  • There are tons of references for the Kodi VPN Manager Zomboided, and if I understand correctly, it is for setting up a VPN client on your LE box so you can set up a tunnel to a (commercial) VPN server.


    How about giving someone access to your LE box behind a firewall (i.e., at home behind ISP with just some 192.168.x.y private address) via VPN login? Can a VPN server be set up on an LE box?

  • I had written this: tinc: rework by awiouy · Pull Request #2613 · LibreELEC/LibreELEC.tv · GitHub


    tinc for LibreELEC uses current tinc 1.1 and the following settings: LibreELEC.tv/tinc.conf at 8045e0d010b16233a4154c80b3d65126c7b5e493 · awiouy/LibreELEC.tv · GitHub


    Let me know if you need help

    Thanks, am browsing this:

    Using tinc to access a home server – Jordan Crawford


    Is this the right approach here, before I delve into it and your stuff ?

  • Seems to be the right approach, yes


    Make sure to install current tinc 1.1 and to use the settings linked in my previous post on the PC.


    On LibreELEC, the host file is generated according to tinc addon settings and stored in /storage/.kodi/userdata/addon_data/service.system.tinc/Local.


    Place remote host files in /storage/.kodi/userdata/addon_data/service.system.tinc/Remotes.

    @

  • WireGuard is nice and something I'm looking into .. but I doubt we'll add anything formally into LE until it gets merged into the Linux kernel. It requires a kernel module so it's not going to be an add-on.

  • Hi awiouy. Sorry to dig so old thread but I'm having hard time here for last couple of hours trying to set your addon together with android tinc app.


    So my question is did you compile this addon with router mode as its the only mode tinc android support?


    Will this vpn let me connect from my phone outise of my house to network with my home ip address?

  • Hi awiouy. Sorry to dig so old thread but I'm having hard time here for last couple of hours trying to set your addon together with android tinc app.


    So my question is did you compile this addon with router mode as its the only mode tinc android support?


    Will this vpn let me connect from my phone outise of my house to network with my home ip address?

    The addon uses router mode but LibreELEC will not route external trafic towards its local network.


    Also, the addon uses tinc 1.1, which is not compatible with tinc 1.0.


    In other words, the addon is useful to connect two (LibreELEC) devices point-to-point.


    You can nevertheless use the tinc binary provided by the addon (as opposed to the service of the addon) to achieve whatever you need.


    But nowadays there are more straightforward solutions, such as zerotier-one.

    @

  • Ahh thats pitty :( The new release from tinc android is 1.1 ;)

    Will have a look at zerotier! :) Will this let me browse my samba shares if I install this as docker plugin ?

  • What's about wireguard integration into libreelec. There should be a possibility for routing through wireguard tunnel since LE9. 2

  • Borygo77

    To clarify, you can use the tinc binary provided by the addon to use all tinc features, but you will have to configure it yourself because the addon is only designed for point-to-point connections.


    Zerotier One without Docker was mentioned here and there in this forum.


    suppenkasper

    Wireguard is indeed also an option.


    As far as I know, routing is disabled by default on LibreELEC, but you can enable it by setting /proc/sys/net/ipv4/ip_forward to 1.

    @

  • I would really like to get tinc working as I have to use specific port to connect (work place firewall)

    Wireguard is using udp only as zerotier is :( Trying my best with openvpn-as from linuxserver but tinc looks like its much more efficient for me :/

  • I would really like to get tinc working as I have to use specific port to connect (work place firewall)

    Wireguard is using udp only as zerotier is :( Trying my best with openvpn-as from linuxserver but tinc looks like its much more efficient for me :/

    Then use the --config flag of the tinc/tincd commands to store your custom configuration in a separate directory, and follow the tinc documentation. It should not be too hard ;)

    @

  • Then use the --config flag of the tinc/tincd commands to store your custom configuration in a separate directory, and follow the tinc documentation. It should not be too hard ;)

    Awiouy my tinc connection works.. I can browse samba shares on libreelec but nothing else in my home network... Forwarding is enabled but I would probably need to change some routes I think to get it going? Or whole setup need to be changed?

    Edited once, last by Borygo77 ().