Configure and set up OpenVPN without a jail on TrueNAS 12, and allow remote access connections either to the TrueNAS subnet or just to the TrueNAS system itself, safely and securely. Use this Virtual Private Network to securely connect back to your home network without worrying about hacker attacks on the connection!
Remember to make sure your client is in fact on a different network before trying to connect.
You can check this by opening a web browser on the client and googling “What is my IP”.
On your TrueNAS, type the following command into a shell: dig +short myip.opendns.com @resolver1.opendns.com
If both IPs match, you may have trouble getting your client to access the internet once connected to the VPN.
@19:45 in the video, MAKE sure you are using YOUR TrueNAS’s network interface name. This can be found on the TrueNAS Dashboard in the Interface tile.
Additional Parameters:
push "route 192.168.0.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 1.1.1.1"
Tunables:
firewall_enable
firewall_type
gateway_enable
natd_enable
natd_interface
natd_flags
-dynamic -m
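The interface-name mistake called out above can be checked mechanically before relying on the NAT tunables. This is an added example, not part of the original post or video. It assumes the tunables are available as name=value lines and that the three enable switches are set to YES; the sample values and NIC names are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): check the NAT tunables against
# the interfaces that actually exist on the system.

# Print the value of tunable $1 from "name=value" text $2 (quotes stripped).
tunable_value() {
    printf '%s\n' "$2" |
        sed -n 's/^'"$1"'="\{0,1\}\([^"]*\)"\{0,1\}$/\1/p' | tail -n 1
}

# check_nat_tunables TEXT IFACES: print one line per problem, return 1 if any.
check_nat_tunables() {
    cnt_text=$1; cnt_ifaces=$2; cnt_problems=0
    # Assumption: the three *_enable tunables are rc.conf switches set to YES.
    for cnt_name in firewall_enable gateway_enable natd_enable; do
        cnt_val=$(tunable_value "$cnt_name" "$cnt_text")
        case "$cnt_val" in
            [Yy][Ee][Ss]) ;;
            *) echo "PROBLEM: $cnt_name is '${cnt_val:-unset}', expected YES"
               cnt_problems=$((cnt_problems + 1)) ;;
        esac
    done
    # natd_interface must name a NIC present on this system (Interface tile).
    cnt_nic=$(tunable_value natd_interface "$cnt_text")
    cnt_found=no
    for cnt_if in $cnt_ifaces; do
        if [ "$cnt_if" = "$cnt_nic" ]; then cnt_found=yes; fi
    done
    if [ "$cnt_found" = no ]; then
        echo "PROBLEM: natd_interface '${cnt_nic:-unset}' not in: $cnt_ifaces"
        cnt_problems=$((cnt_problems + 1))
    fi
    [ "$cnt_problems" -eq 0 ]
}

# Constructed sample: tunables copied with a NIC name that this box lacks.
SAMPLE_TUNABLES='firewall_enable="YES"
gateway_enable="YES"
natd_enable="YES"
natd_interface="em0"
natd_flags="-dynamic -m"'
SAMPLE_IFACES="re0 lo0"   # constructed; on FreeBSD use: $(ifconfig -l)

check_nat_tunables "$SAMPLE_TUNABLES" "$SAMPLE_IFACES" || true
```

On the TrueNAS shell, pass the output of `ifconfig -l` as the second argument so the comparison is made against the real interface list.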
Great tutorial! I followed this and was able to access my network remotely without any problems. However, I noticed that with this setup, I’m getting the following error message in Nextcloud:
“This server has no working Internet connection. This means that some of the features like mounting external storage, notifications about updates or installation of third-party apps will not work. Accessing files remotely and sending of notification emails might not work, either. We suggest to enable Internet connection for this server if you want to have all features.”
As well, I’m not able to run pkg update in any jail. I get the following error when I try:
Updating FreeBSD repository catalogue…
pkg: http://pkg.freebsd.org/FreeBSD:12:amd64/quarterly/meta.txz: No address record
repository FreeBSD has no meta file, using default settings
pkg: http://pkg.freebsd.org/FreeBSD:12:amd64/quarterly/packagesite.txz: No address record
Unable to update repository FreeBSD
Error updating repositories!
After some testing I determined that both those problems disappeared when I disabled all of the tunables from the OpenVPN install.
Has anybody else run into this? Would anyone have ideas on what is causing this and how to resolve it?
Thanks
Your comment will be removed from YouTube because of the URLs.
Make sure you are using the correct NIC reference in the tunables; it is likely not the same as in the video.
Also, when you enable ipfw, make sure there are no other rules in it. There should only be one rule by default, and if you have jails, enabling the firewall afterwards may not incorporate rules for the jails correctly. I did not have any trouble with jails I created AFTER enabling the firewall.
I had the same problem here.
I have just one NIC “re0”
After setting the tunables, it looks like the jails don’t access the local network directly.
eg: truenas ip = 172.16.25.100
router_ip=172.16.25.1
jail ip= 172.16.25.30
Inside the jail, when I tried to ping 172.16.25.1, I got replies from 172.16.25.100.
The same when pinging 8.8.8.8: I got replies from 172.16.25.100.
Are all 7 tunables enabled? Seems like NAT is not working correctly for you.
7? Don’t you mean 6? The -dynamic -m is the value for the natd_flags, isn’t it?
Like a lot of others in the YouTube comments section, I think the tutorial is excellent and the best one I’ve found so far. However, once I reboot the server, I can VPN in from my phone OK, get internet access, and everything works from that device, but all of my jails lose internet connectivity. I’m not sure how to fix that, and looking through the comments it doesn’t appear that anyone else has either? I could be wrong. Any help on what I need to change would be appreciated.
Like Felix, my NIC is re0; not sure if that is the common theme among all of the posters? Any help would be greatly appreciated.
Can you send me an email at info@mytechworks.online with a picture of the jail’s network info?
TrueNas > Jails > Select a Jail > Edit
Take a screen shot of each section and email them – there should not be any revealing info in the settings, feel free to mask anything you feel is.
Also a screen shot of the tunables page, and the OpenVPN config page.
I have set up multiple jails, each with a different network setup, and I have no issue connecting to them with the tunables enabled.
I want to test this out but I can’t seem to get the issue to occur, and I’m wondering if it has to do with my jail setup network-wise.