[How-To] How to Access Your FreeNAS Server Remotely (and Securely)

LukeSky

Cadet
Joined
Sep 28, 2020
Messages
7
You've configured the SSH service on your FreeNAS server to answer on port 8888; your router accepts inbound traffic on port 8888 and forwards it to port 8888 on IP address 192.168.1.17 -- this all looks good, provided 192.168.1.17 is the IP address of your FreeNAS server.

Is your FreeNAS server configured on IP address 192.168.1.17?
Yea my FreeNAS server has the IP address of 192.168.1.17. Not sure why I can't SSH into the server via the internet. I have shown what my setup looks like, but is it possible that my router doesn't support port forwarding? If I can see an open port with a port finder online, does that mean that my router is successful or not necessarily? Like someone else previously, I had the "no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 " error, which I resolved by adding something to the SSH config file.
 

Spearfoot

He of the long foot
Moderator
Joined
May 13, 2015
Messages
2,478
Yea my FreeNAS server has the IP address of 192.168.1.17. Not sure why I can't SSH into the server via the internet. I have shown what my setup looks like, but is it possible that my router doesn't support port forwarding? If I can see an open port with a port finder online, does that mean that my router is successful or not necessarily? Like someone else previously, I had the "no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 " error, which I resolved by adding something to the SSH config file.
So we know you have the correct IP addresss. Another simple thing to check is that you have the SSH service bound to the right interface: you should see 'Bind interfaces' on the SSH service setup page. Look at this setting and make sure SSH is bound to the interface configured with IP 192.168.1.17

The screenshot you showed implies that your router can forward ports... but that doesn't mean that it can actually do so. What are you using for a router? Does it have firewall features that perhaps are dropping your traffic?
 

LukeSky

Cadet
Joined
Sep 28, 2020
Messages
7
So we know you have the correct IP addresss. Another simple thing to check is that you have the SSH service bound to the right interface: you should see 'Bind interfaces' on the SSH service setup page. Look at this setting and make sure SSH is bound to the interface configured with IP 192.168.1.17

The screenshot you showed implies that your router can forward ports... but that doesn't mean that it can actually do so. What are you using for a router? Does it have firewall features that perhaps are dropping your traffic?

I think the bind interfaces is in the advance mode for the SSH Service setup? Well under bind interface I only have one, which is nfe0, which I've selected, though there was no difference. Also looking around on my router page, I found this:
1601331376436.png

And SSH was not enabled for WAN, so I checked the box, and changed the port from 22 to 8888, but for some reason it's still not working.
I'm not sure what you mean by what router I'm using. It's just a general wireless broadband router I think.
 

Spearfoot

He of the long foot
Moderator
Joined
May 13, 2015
Messages
2,478
I think the bind interfaces is in the advance mode for the SSH Service setup? Well under bind interface I only have one, which is nfe0, which I've selected, though there was no difference. Also looking around on my router page, I found this:
View attachment 41761
And SSH was not enabled for WAN, so I checked the box, and changed the port from 22 to 8888, but for some reason it's still not working.
I'm not sure what you mean by what router I'm using. It's just a general wireless broadband router I think.
Yes, I am asking what brand and model of router you are using. Might as well post your FreeNAS system specs, too (per the forum rules) while we're it.

I suspect, for example, that the screenshot you posted above is for the various services (HTTP, TELNET, SSH, etc.) that run on your router. If so, these will have nothing to do with your FreeNAS system. I could be wrong about this -- but without knowing anything about your router, I'm stymied.

The key thing to gaining SSH access to your FreeNAS system is to pass traffic through to the port on which it expects to receive SSH traffic. Your router doesn't know or care what type of traffic this is -- we just need it to pass the packets through. Judging from the NAT screenshot you posted earlier, inbound WAN traffic on port 8888 is getting passed to your FreeNAS server at 192.168.1.17 on port 8888, and you've configured SSH to answer on that port. So it ought to work.

We've verified everything I can think of, and I'm out of ideas. I'm hoping someone more knowledgeable will stop by and help you out. The more information you can provide -- your FreeNAS system specs, your router band and model -- the more likely it is that this will happen.
 

LukeSky

Cadet
Joined
Sep 28, 2020
Messages
7
I believe it's a dual band router, and my version is FreeNAS 11.3-U4.1. I have a screenshot of my router details:
1601338105102.png

But looking at WAN info maybe Firewall is blocking it?
1601338180182.png

Though I don't see any options for firewall unless it's this LAN Side firewall which is off?
1601338403315.png
 

nojohnny101

Wizard
Joined
Dec 3, 2015
Messages
1,478
You should be forwarding traffic from the internal port of 22 (default of SSH) to whatever one you want externally. No need to be changing the port internal for SSH.

Try changing that on your router.
 

LukeSky

Cadet
Joined
Sep 28, 2020
Messages
7
You should be forwarding traffic from the internal port of 22 (default of SSH) to whatever one you want externally. No need to be changing the port internal for SSH.

Try changing that on your router.
That was what I originally did, but it still didn't work. Also, when I did that before, the router popped up the message that Port 22 was occupied, so they switched the port to port 2222. So I think they switched the external port, not sure cause they didn't change the port number on the router, just the pop-up message. Not sure why my port 22 is occupied. I've also contacted my ISP asking them about this, and it might possibly be firewall? They vaguely told me that some settings are disabled for safety of consumers.
 

nojohnny101

Wizard
Joined
Dec 3, 2015
Messages
1,478
Is this a router you bought or is this a combo router device provided by your ISP?
 

asw2012

Contributor
Joined
Dec 17, 2012
Messages
182
I did not go through all of the thread here, but has it been suggested to just use your router's VPN service? I've used both Netgear and ASUS routers VPN service with OpenVPN and works just great. VPN into your home network and login as if you were sitting next to your box.
 

JKzpool

Cadet
Joined
Aug 22, 2020
Messages
8
I had come across a problem with using PuTTY and SSH to connect to my TrueNAS Core server, I had followed most of the instructions in here and got the following error:

No supported authentication methods available (server sent: public key)

I had my private key on client and public key on the TrueNAS server. What I found out was that PuTTY likes the private in a particular format.

1. Launch PuTTyGen
2. Load Private Key
3. State the passphrase
4. Save the private key as .ppk

.ppk
is the format PuTTY understands for public and private key authentication.

Then the next step is in PuTTY to set the Authentication Parameters with the .ppk:

Connection > SSH > Auth

Browse to your .ppk key and then you should be able to connect to your TrueNAS server with PuTTY

Hopefully this will help others who were similar to me.
 
Top