I managed to fix all the issues I was having with the update to OpenVPN 2.5. Hopefully the solutions are solid. I will check the logs tomorrow. So far, so good. I'm running FreeNAS-11.3-U5 and my Jails are at 11.4-RELEASE.
Here is what I did to solve everything:
I used the PIA 4th generation strong encryption configuration file
https://www.privateinternetaccess.com/helpdesk/kb/articles/where-can-i-find-your-ovpn-files
In particular I'm using the Berlin server to connect to.
For port forwarding I used the following script
https://github.com/dak180/TrueNAS-Scripts/blob/master/pia-port-foward.sh
I made some minor changes because I'm using authentication for my Transmission instance. So I added a transUser and transPass variable at the top after the other variables:
Code:
transUser=[username]
transPass=[password]
And everywhere in the script where transmission-remote is invoked I added the following right after transmission-remote :
Code:
--auth "${transUser}":"${transPass}"
To get rid of the IPv6 errors I changed the OpenVPN configuration file
Thanks to another user on the TrueNAS forums I solved the IPv6 problems:
https://www.truenas.com/community/threads/pia-and-openvpn-v2-5.88459/#post-613168
Right before the line that starts with <crl-verify> I added the following two lines:
Code:
pull-filter ignore "ifconfig-ipv6"
pull-filter ignore "route-ipv6 "
To get rid of a cipher warning I changed this
I still got some warning about the ciphers. The solution was in the warning itself. Right after the cipher line in the configuration file I added this line:
Code:
data-ciphers aes-256-cbc
To make sure the port stays forwarded I added a cronjob to FreeNAS
Using the GUI of FreeNAS I added a cronjob that runs the above mentioned script every 10 minutes to refresh the port forwarding. I noticed the port closed after 15 minutes in Transmission.
Code:
iocage exec [jailname] [path_to_script]/pia-port-foward.sh
If I did anything wrong, or if I can improve on anything please let me know.