OpenVpn Server breaking Virtual Machines internet acess

[ali_v001]

Hey Guys,

I followed this popular youtube tutorial on getting Trunes OpenVpn working, the vpn side of it works fine.

How to Configure OpenVPN on TrueNas 12 - Setup your own Home VPN - Part 1

Configure and setup OpenVPN without a Jail on TrueNas 12 and allow remote access connections to the TrueNas Subnet or just to the TrueNas system itself safel...

www.youtube.com

However the tuneables seem to break network acess for the virtual machines I have running in the Truenas nas machine "Baremetal TrueNas Box here"

They will not ping google and will not get a dhcp address for some reason. I can assign a static IP inside the VM's and ping local lan devices but still can not ping outside the lan.

I ideally dont want to have to mess with the vm's and feel they should be running fine with auto dhcp but unfotunatley isnt the case with this config,

Any help here would be great. If I delete the tuneables everything is back to normal and the VM's have internet access and have obtained a dhcp ip adress from the router.

My Nework intergace is called "Lagg0" the virtual machines NIc's are attatched to "Lagg0" also, maybe some conflict here with the static routing?

Heres some info on the setup,
The tuneables below.
firewall_enable - yes firewall_type - open gateway_enable - yes natd_enable - yes natd_interface - lagg0 natd_flags - -dynamic -m

Additional Parameters in OpenVpn Server settings
push "route 10.20.30.0 255.255.255.0" push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 1.1.1.1"

Lan Router IP Address 10.20.30.1
Truenas IP address = 10.20.30.10
Static Route Destination = 10.20.40.0
Static Route Gateway = 10.20.30.10

 

[dcs730]

I also came across this exact issue and posted something similar. I have not yet had a response.

* The VM is not 100% critical, but would be ideal if I can have the Open VPN function and network traffic to/from the Win10 VM.

* I either have the VM running with network and internet access (With no OpenVPN function) with tunables disabled.
* Or tunables enabled with the OpenVPN function to the TrueNAS box ok - (and NO network activity traffic to the VM).

It's like the VM does not even get allocated a DHCP address.

So either one of the other.

If you come across a soln, please let me know. Thanks.

 

[Mixel]

Same issue here. Pinging externally from truenas is possible, from within a jail not. This occured after configuring OpenVPN exactly the same way.

 

[Patrick M. Hausen]

Don't use NAT for your OpenVPN and don't mess with the firewall on TrueNAS. Instead configure a static route to your OpenVPN network on your Internet/default router.

 

[Mixel]

Apparantly you need a rule set for your jails, see here: https://www.truenas.com/community/t...h-firewall-for-jail-and-host-using-ipfw.9203/