I sincerely do not understand your question. Probably your guide was mostly ok. Just don't recommend using NAT and replace that with a paragraph about setting a static route in your Internet router?
I had already done it
People who followed Youtube guides and enabled unsupported NAT tunables came to the forum in droves with "help all my plugins are not reachable anymore". Well ... then the YT guide is probably crap. I did not ask you to remove your entire procedure. I only pointed out that some very specific tunables are harmful.
I do not agree. It is basic openvpn routing on FreeBSD.
Nothing particularly complex or strange.
"Daily bread".
I had put a disclaimer [in the post] like "if you have jail, or VM, or just don't know what to do, keep the 1:1 connection and be happy"
Because this is a
huge limitation (of the default configuration)
And if you search this forum you'll see a lot of such requests
For me, the problem does not arise: I have been administering a ~ hundred servers halfway around the world for over 30 years, and I wrote my first operating system on Alpha AXP (with vi) even before Linus. Where routing was written in C, not even C++.
However, I realise that what seems
easy to me, is not easy for the average user, and impossible for the "home user".
Even just the absence of * in the Common Name is a
catastrophe (for the user who has no idea what a certificate is).
And yes, the TrueNAS core OpenVPN plugin works (kicking, but it works), if we really want to discuss it technically it has a slightly high CPU usage for light machines.
When I'm forced to use TrueNAS core, I use it.
Not a big deal.
I don't know about the TrueNAS debian version, I never use it, but the question is really for the core, by a user asking for some kind of 'tutorial' or 'notebook' or whatever you want to call it
I could also reply 'get an information science degree', or 'get another router', or 'don't use TrueNAS altogether', but I didn't think that was the best answer to the question posed.
Of course I can be wrong
