well, have you tried just shutting down that vm and see what happens on your network? Id start walking back things one at a time, as much as you can, and see what changes have an impact, if any. It would at least narrow down the culprit, a bit.
I HAVE FOUND THE CULPRIT! I rolled back the update which disabled my OpenVPN server, and it turns out that as soon as I set a specific tuneable in the openVPN server setup, the jails and VM can no longer access the internet. I have attached a screenshot of the culprit. Essentially, my problem now is that without this tunable, when connected to the VPN i am only able to access the NAS webUI and nothing else on the network (or public internet), however my desired outcome is to be able to use the VPN to have access to my entire home network where the NAS resides. the em0 interface specified in the tuneable is the ethernet connection between my NAS and the modem, so that is what appears to be causing the problems. I'm unfortunately not sure where to go from here, as the tutorial i followed above specified that adding this tuneable is a necessary step for the VPN to work.well, have you tried just shutting down that vm and see what happens on your network? Id start walking back things one at a time, as much as you can, and see what changes have an impact, if any. It would at least narrow down the culprit, a bit.
I just double checked what i already have set in my tuneables, and it appears that i have already set what you have specified. This is exactly what was outlined in the tutorial i watched as well. For some reason, as soon as i enable the natd_ointerface, the jails and VM can no longer resolve host names. Its like a see saw, for full VPN access, the jails and VMs break, and for jails and VMs to work, i have to sacrafise some VPN functionality.I'm no expert in tunables but that doesn't look right. Based on some info I gleamed around the web, your tunable variables for rc.conf should be set to the following:
firewall_enable = "YES"
firewall_type = "open"
gateway_enable="YES"
natd_enable="YES"
natd_interface="em0"
natd_flags="-dynamic -m"
copy and paste that in and give that a shot and see what that does.
I guess the few tutorials online that I have seen that go through using the inbuilt OpenVPN server function on TrueNAS (I think it was introduced with TrueNas 12) do it this way. I see your point as to the reasoning behind not handling Nat and the firewall on the Nas itself, but i guess I'd rather do.it through the in built openVPN server function rather than setting up a whole seperate jail for this. Is there any benefit to doing it either way? (Given that both ways potentially methods theoretically equally as well)Why are you enabling NAT and firewalling on the NAS itself? Generally one should not do that.
You can run OpenVPN in a VNET jail with its own IP address and no NAT ... I used to do that a couple of years ago so I know it works.
This tutorial is what i followed essentially to set up OpenVPN, and i guess i set it up that way following the tutorial. I believe i did set up a subnet to the OpenVPN (10.20.0.0/24) which is outside my local network of 192.168.0.0. I guess are you saying to add a static route to this network in my router, and use the TrueNas as the next hop to access this network? (Essentially set up a static route with destination 10.20.0.0, with next hop 192.168.0.15)?Ah - get it now. But why NAT? you can dedicate a subnet to OpenVPN - which you probably already did - and just route, i.e. add a route to that subnet in your Internet router.
Precisely. The NAT setup works around CPEs where you cannot set static routes.I guess are you saying to add a static route to this network in my router, and use the TrueNas as the next hop to access this network? (Essentially set up a static route with destination 10.20.0.0, with next hop 192.168.0.15)?
I have just looked up some information from my ISP, and it appears on my main modem that I cannot assign static routes to this modem. I do have a secondary modem (192.168.2.1) that utilises the PiHole as it's DNS, and I guess I could use this device to set up a static route instead, aka changing the modem that the remote access connects through. My main issue with this is that I use an Ethernet over power link to connect the secondary modem to the main modem, so it's speed can be a bit choppy. On top of that, if the PiHole goes down for whatever reason (I reboot the NAS for example) I would also loose access through that modem until the PiHole restarts.Precisely. The NAT setup works around CPEs where you cannot set static routes.
Not knowing your device, just a guess: you are looking ad "Device Info". I would not expect to be able to change any setting in that submenu. What's under "Advanced Setup"?