Knowledge Base Guide: Connect Omada as an OpenVPN Client with OpenVPN Access Server on Raspberry Pi4
Guide: Connect Omada as an OpenVPN Client with OpenVPN Access Server on Raspberry Pi4
Note:
Interface/name/url/navigation used in this guide may change due to version/updates/changes
Short Version Video: https://www.youtube.com/watch?v=1OJxmbsTkmY&feature=youtu.be
Hardware:
Raspberry Pi4 4GB
Micro SD 16 GB
Mouse/Keyboard/Display as needed
Use Case:
* Some use case for this scenario includes accessing another LAN across the internet, say a PLEX server. Also good for accessing LAN resources such as storage (private Cloud/NAS), across the public Internet
Part 1 - Set up your Pi4
1. Download and install Raspberry Pi Imager at the official website ( https://www.raspberrypi.com/software/)
2. Image your MicroSD, make sure to select Other OS and choose Ubuntu 20.00 LTS 64bit
Part 2 - Installing your own OpenVPN Access Server
This server must be remote or for lab/testing purposes, can be installed in your simulated "WAN" environment or different ISP
1. Boot up Pi4 and update your OS and packages (i.e. sudo apt update, sudo apt upgrade). Reboot as needed.
2. Download OpenVPN Access Server at the official site (https://openvpn.net/vpn-software-packages/). Make sure to select the Ubuntu Icon > Ubuntu 20 [arm64]
3. Follow Option 1 (or Option 2) instructions to install the server
4. Make sure to take note of the IP address and Password for the admin account
Part 3 - Configure OpenVPN Access Server
1. Navigate to your Pi4's "IP address:port/admin" (OpenVPN Access Server) and login as an admin (openvpn)
2. Head to "Configuration" > "Advanced VPN" > TLS Control Channel Security > tls-auth "YES". Save the settings.
3. Go to "User Management" > "User Permissions" > "New Username". Make sure "Allow Auto-Login" is checked.
4. "Save" the settings and "Update Running Server"
5. On the created user, click "More settings"
6. Set a "Local Password". Leave everything on default settings.
7. "Save" the settings and "Update Running Server"
8. Log out from the admin console
9. Navigate to your Pi4's "IP address:port" (OpenVPN Access Server) and login as the new users. Note, this is not the /admin URL
10. Click on "Yourself (autologin profile)" to download the .ovpn file for later use in Omada
Part 4 - Configure Omada
1. Navigate to "VPN > Create New VPN Policy"
2. Give it a "Name".
3. Set up "Purpose > Client-to-Site VPN > VPN Type = VPN Client / OpenVPN"
4. Enter the "Remote Server"'s IP and "Port" (1194)
5. Select your "Local Networks", and "WAN"
6. Click "Import" and use the file downloaded from Part 3 / Step 10
7. Click "Create"
Part 5 - Verifying Connectivity
1. On the Omada console, navigate to "Insighs > VPN Status > OpenVPN > Client". It may take a few minutes to show the status
2. Use IPChicken or WhatIsMyIP to check your WAN IP
3. Login to OpenVPN Access Server to check logged in user
Short Version Video: https://www.youtube.com/watch?v=1OJxmbsTkmY&feature=youtu.be