SOLVED OpenVPN: Problems in routing traffic

ditex

Dabbler
Joined
Jul 28, 2023
Messages
19
Hello everyone,
I have a problem routing the traffic. I have configured everything correctly (CA, certificates, VPN, port-forwarding...) because in WAN I can still connect to the VPN, but I noticed that initially the traffic was passing outside the VPN, and later, to solve the problem, I came across guides like this one:
https://www.truenas.com/community/threads/route-all-traffic-through-openvpn-service.88906/
but I couldn't set up Tunables because on SCALE there is no such section, and I did it differently, in this way, which I don't know if it is correct (TUTORIAL):
View attachment 68754
OpenVPN Server configuration:
View attachment 68755
Port-forwarding:
View attachment 68757

QUESTION:
With these settings, connecting from WAN to the VPN, I can only access 192.168.1.13 (NAS), while I would like to access the entire LAN (through the VPN) and access the WAN (outside the VPN) while connected to the VPN. What are the correct configurations to make the VPN work in such a way?

I have spent a whole day trying to figure out why, making several attempts with different configurations to get everything to work, but have not been able to.
Thank you very much to those who will answer!

Davide.
 

ditex

UPDATE:
I added in the Additional Parameters: push "route 192.168.1.0 255.255.255.0" and I can finally access my TrueNAS in http and browse WAN outside the VPN but I still can't access other devices on the LAN...
 

sretalla

Powered by Neutrality
Moderator
Joined
Jan 1, 2016
Messages
9,703
Do you have a route pointing back at the openvpn server on your LAN router?
 


sretalla

> Yes, I had set up port-forwarding to 1194

That's not what I mean...

How will all the other servers/devices on your network know where to go back to reply to requests from your OpenVPN clients... if they try to go to your router it will not know that network, so the packets will be dropped.

You need a static route to push those packets back to the OpenVPN server as it needs to route them to the clients.

Attention to the last sentence here:
 

ditex

> That's not what I mean...
>
> How will all the other servers/devices on your network know where to go back to reply to requests from your OpenVPN clients... if they try to go to your router it will not know that network, so the packets will be dropped.
>
> You need a static route to push those packets back to the OpenVPN server as it needs to route them to the clients.
>
> Attention to the last sentence here:

I actually haven't configured anything other than port-forwarding on the modem. I have a modem that the operator provided me directly on loan, and there is no configuration for a route pointing back...
 

ditex

TrueNAS_-_192_168_1_10.jpg

I solved it by adding static routing directly from TrueNAS.
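
An added illustration of the return-path problem discussed in this thread (not code from any poster, TrueNAS or OpenVPN): a longest-prefix-match trace of a LAN device's reply to a VPN client, with and without a static route for the tunnel subnet. The tunnel subnet 10.8.0.0/24, the router address 192.168.1.1 and the client address 10.8.0.6 are assumptions; only 192.168.1.0/24 and 192.168.1.13 appear above.

```python
import ipaddress

# Constructed addressing: only 192.168.1.0/24 and the NAS at 192.168.1.13 come
# from the thread. The tunnel subnet and router address are assumptions.
LAN = ipaddress.ip_network("192.168.1.0/24")
VPN = ipaddress.ip_network("10.8.0.0/24")      # assumed OpenVPN tunnel subnet
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
ROUTER = ipaddress.ip_address("192.168.1.1")   # assumed ISP modem/router
NAS = ipaddress.ip_address("192.168.1.13")     # TrueNAS running the OpenVPN server
WAN = "wan"                                    # sentinel: forwarded upstream to the ISP

def next_hop(table, dst):
    """Longest-prefix match over (network, gateway) pairs; None means on-link."""
    dst = ipaddress.ip_address(dst)
    matches = [(net, gw) for net, gw in table if dst in net]
    if not matches:
        raise LookupError(f"no route to {dst}")
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def reply_path(host_table, router_table, client):
    """Trace a LAN device's reply to a VPN client address, hop by hop."""
    hops = []
    gw = next_hop(host_table, client)
    if gw == ROUTER:
        hops.append("router")
        gw = next_hop(router_table, client)
    if gw == NAS:
        # The OpenVPN server owns the tunnel subnet and forwards into the tunnel.
        return hops + ["openvpn-server", "client"]
    # Anything else never reaches the tunnel (e.g. a private address sent upstream).
    return hops + ["dropped"]

host = [(LAN, None), (DEFAULT, ROUTER)]        # typical LAN device
router = [(LAN, None), (DEFAULT, WAN)]         # router that does not know the VPN subnet
return_route = (VPN, NAS)                      # "10.8.0.0/24 via 192.168.1.13"

def scenarios(client="10.8.0.6"):
    """Reply path with no return route, and with the route in two possible places."""
    return {
        "no return route": reply_path(host, router, client),
        "route on router": reply_path(host, router + [return_route], client),
        "route on the LAN device": reply_path(host + [return_route], router, client),
    }

if __name__ == "__main__":
    for name, path in scenarios().items():
        print(f"{name:24} {' -> '.join(path)}")
```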
 