HOw do I open a port through to Jail?

[thisman105]

Followed a guide to get Transmission working through a VPN and it works great. My VPN provider has opened a certain port for me on their server and the private tracker I use still shows that the port is not open. I assume this has something to do with FreeNAS firewalling the Jail. Would I be correct here, and if so, what do I do about it? Thanks

Guide: http://tblog.myriad.ca/?p=179
FreeNAS-9.3-STABLE-201511040813

 

[pirateghost]

FreeNAS does not firewall jails. A jail is it's own IP on YOUR network. Just forward the port to the jail IP

 

[DrKK]

Right, as pirateghost says, you need to set up a port-forwarding rule in your router. You will forward the port to the *JAIL'S* IP address. There are 1000 posts on the internet on how to do this.

 

[thisman105]

I don't have to do this with my main PC. Can I change the port that Transmission functions on like I can in uTorrent? Perhaps that is the issue.

 

[Nick2253]

I don't have to do this with my main PC. Can I change the port that Transmission functions on like I can in uTorrent? Perhaps that is the issue.

Yes, you can change the port in Transmission. I leave this as an exercise for the reader, because that's a Transmission issue, not a FreeNAS issue.

 

[thisman105]

NVM, I found the option. Didn't see the bar at the bottom of the Transmission UI and I was looking though config files in terminal LOL.

Thanks

 

[thisman105]

So, I changed to port in the Transmission settings menu and it still shows as closed. Since I'm running it though a VPN, do I have to set that as the port the OpenVPN uses? I didn't think so but if it's not firewalled and i'm using a service that my router automatically forwards (VPN), than why does it show the port is closed? Sorry for all the questions, I used the Torguard application on my windows VM before and they sent me a pre-made config file for it, so i just had to connect and everything worked. Any help is certainly appreciated. Thanks

 

[Nick2253]

You're confusing a bunch of stuff here. I'll do my best to explain it to you, but you should probably brush up on some network basics.

There are two relationships here that I think you are conflating as one.

First, there is the relationship between OpenVPN and your VPN provider. Your VPN provider gave you a bunch of connection information, which is what you got before in the config file for Torguard. Second, there is the relationship between Transmission and the private tracker. The only way they are connected is that the communication between Transmission and the private tracker passes through the tunnel created between OpenVPN and your VPN provider.

The private tracker telling you that "the" port is closed doesn't make a whole lot of sense. What port? Is the private tracker giving you a port that should be open? Usually, a torrent client can open any port, and it's self broadcast. That open port allows external clients to connect directly to you, without waiting for you to connect to them. There are better ways of testing if the port is open correctly.

Depending on your VPN provider, all, some, or none of the ports will be open. In other words, the firewalling might be happening at your VPN provider. However, I doubt your VPN provider is blocking any of your ports; that just not very frequently done.

 

[thisman105]

You're confusing a bunch of stuff here. I'll do my best to explain it to you, but you should probably brush up on some network basics.

There are two relationships here that I think you are conflating as one.

First, there is the relationship between OpenVPN and your VPN provider. Your VPN provider gave you a bunch of connection information, which is what you got before in the config file for Torguard. Second, there is the relationship between Transmission and the private tracker. The only way they are connected is that the communication between Transmission and the private tracker passes through the tunnel created between OpenVPN and your VPN provider.

The private tracker telling you that "the" port is closed doesn't make a whole lot of sense. What port? Is the private tracker giving you a port that should be open? Usually, a torrent client can open any port, and it's self broadcast. That open port allows external clients to connect directly to you, without waiting for you to connect to them. There are better ways of testing if the port is open correctly.

Depending on your VPN provider, all, some, or none of the ports will be open. In other words, the firewalling might be happening at your VPN provider. However, I doubt your VPN provider is blocking any of your ports; that just not very frequently done.

The tracker is just telling me that there isn't "an open port" for incoming connections. Sorry for not being clear. The VPN provider had to open a port for me that is forwarded from their end to mine to allow incoming connections, as they don't do this unless you ask them to. I am connected to the VPN, on the server that they have setup to forward and I [now] have set Transmission to listen on the port they are forwarding, but Transmission shows the port as closed and the tracker shows me as "not connectable." It seems that this may have nothing to be with FreeNAS or Transmission if there is no firewall as you say, which makes sense, IDK why I thought it would be firewalled if it has it's own IP...duh. I wasn't using OpenVPN before with this provider, I used whatever their proprietary software is called and they included a config file to allow for the forwarded port. They have assured me that if I use OpenVPN and the correct server, it will just work. and it's not. If you think that FreeNAS/Transmission aren't to blame I guess I'll contact their support people and see if maybe they left out a setting in their OpenVPN config file or didn't tell me about something extra I have to do to make it work.

Thanks for your help.

 

[pirateghost]

One thing you need to remember, once connected to their VPN, there should be nothing to open in your end. All traffic should be going through their VPN. All the traffic thinks its coming from and going to, the VPN.

 

[Nick2253]

@pirateghost makes a really good point. You have to make sure that you're sending all your traffic through the VPN. Just establishing a VPN connection won't get all your traffic through the VPN tunnel.

 

[thisman105]

@pirateghost makes a really good point. You have to make sure that you're sending all your traffic through the VPN. Just establishing a VPN connection won't get all your traffic through the VPN tunnel.

If the torrenting was not going through the VPN, then when I tried forwarding the port on my router to the Jail IP, the port would have been open, right? Also, my router supports uPNP so forwarding the port would not be necessary, right? Was the guide I followed a good one?

 

[Nick2253]

There are a lot of variables here, and using the "open port" status reported to you from your private tracker or Transmission is not going to be a good measure of success, until we can confirm that all your traffic is going through OpenVPN.

I'm not sure what your guide had you do. Make sure you have the "redirect-gateway" option set in your OpenVPN config file (read up on how to set it properly). If that is set properly, then you should be able to confirm that you are on the VPN by using something like WGET or cURL to pull down a website like IPChicken.com and check what IP address you are connecting with (you'd get your local IP if you are not going through the VPN).

Assuming that you get the correct IP (the VPN provider's IP), then your issue is probably with the VPN provider. They most likely didn't open the port they told you they opened (someone might have fat-fingered it). Double check with them that the port they opened is the correct one.

 

[thisman105]

There are a lot of variables here, and using the "open port" status reported to you from your private tracker or Transmission is not going to be a good measure of success, until we can confirm that all your traffic is going through OpenVPN.

I'm not sure what your guide had you do. Make sure you have the "redirect-gateway" option set in your OpenVPN config file (read up on how to set it properly). If that is set properly, then you should be able to confirm that you are on the VPN by using something like WGET or cURL to pull down a website like IPChicken.com and check what IP address you are connecting with (you'd get your local IP if you are not going through the VPN).

Assuming that you get the correct IP (the VPN provider's IP), then your issue is probably with the VPN provider. They most likely didn't open the port they told you they opened (someone might have fat-fingered it). Double check with them that the port they opened is the correct one.

Found the problem. I was reading though the windows config file they sent me previously and it has the VPN request a specific IP from the server. Once I added that info to the OpenVPN config file, the port is now open. There is no "redirect-gateway" option set in the config file, but when I use wget on one of the ip websites it shows the ip I added to the config file. I will add

Code:

redirect-gateway def1
dhcp-option DNS 8.8.8.8

to the config file anyway so that the DNS info is not sent to my ISP. Is there anything else you recommend I should do? Aside from learning more about Unix/Linux systems of course.

Thanks

 

[Nick2253]

I'm glad you got it figured out!

Don't kick yourself too much for not getting everything at first: knowledge is a journey, not a destination!

 

[thisman105]

What are your thoughts on the silverstone case you are using? Think its worth having hot swap for a home file server?

 

[Nick2253]

I have a mixed relationship with my DS380.

First off, in hindsight, I think that hot-swap is overrated for a home server. It's a cool and fancy feature, but the benefit of hot-swap is really about minimizing downtime. In my home environment, having to take my server down is not that big of a deal. Sure, it's easy to replace drives, but how long does it really take you if you have to open the server up? Another 15 mins, max?

On the pro side, I love the space, form factor, and build quality. It's really an attractive server, and if my drives didn't make so much noise, I'd be happy to put it out in the open.

Also, the cooling in the case sucks without modification. Silverstone really needed to include better ventilation in the back of the drive cage. Once my dremel got done with the case, the cooling is now fantastic, but I wish I didn't have to do it in the first place.

If you need hotswap and/or 8-drives in a small form factor, then the DS380 is a great case (with modification for cooling). But if you only need 6 drives, or are willing to size up just a little bit for 8 drives, then I think there are better cases on the market.

 

[thisman105]

I was considering moving mine into the Lian-li case that has 5 internal hot swap bays. Air flow seems good from the reviews. And should by much more quiet than the 2 80mm fans I have. Might just mod some more bays in my arc chassis and put it in the closet though.