TrueNAS integrated OpenVPN server and rest of the LAN

N

Nicolas68

Dabbler
Joined
Jan 3, 2021
Messages
11
Hello everyone

TrueNas has an integrated OpenVPN server and client service, easy to setup easy to start

However when I started my OpenVPN server, I can reach my TrueNAS throught the VPN but nothing more than that

I can ping my server
I can access my shares which is one of my goal

how to access the rest of my network behind this ? like another server ?

My server config:

1610798096772.png


My server log:
Code:
Sat Jan 16 12:35:25 2021 OpenVPN 2.4.8 amd64-portbld-freebsd12.0 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] [AEAD] built on Dec  9 2020
Sat Jan 16 12:35:25 2021 library versions: OpenSSL 1.1.1h-freebsd  22 Sep 2020, LZO 2.10
Sat Jan 16 12:35:25 2021 Diffie-Hellman initialized with 2048 bit key
Sat Jan 16 12:35:25 2021 Failed to extract curve from certificate (UNDEF), using secp384r1 instead.
Sat Jan 16 12:35:25 2021 ECDH curve secp384r1 added
Sat Jan 16 12:35:25 2021 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Sat Jan 16 12:35:25 2021 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Jan 16 12:35:25 2021 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
Sat Jan 16 12:35:25 2021 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
Sat Jan 16 12:35:25 2021 ROUTE_GATEWAY 192.168.86.1/255.255.255.0 IFACE=re0 HWADDR=70:85:c2:7d:88:9d
Sat Jan 16 12:35:25 2021 TUN/TAP device /dev/tun0 opened
Sat Jan 16 12:35:25 2021 /sbin/ifconfig tun0 10.20.0.1 10.20.0.2 mtu 1500 netmask 255.255.255.255 up
Sat Jan 16 12:35:25 2021 /sbin/route add -net 10.20.0.0 10.20.0.2 255.255.255.0
add net 10.20.0.0: gateway 10.20.0.2
Sat Jan 16 12:35:25 2021 Could not determine IPv4/IPv6 protocol. Using AF_INET6
Sat Jan 16 12:35:25 2021 Socket Buffers: R=[42080->42080] S=[9216->9216]
Sat Jan 16 12:35:25 2021 setsockopt(IPV6_V6ONLY=0)
Sat Jan 16 12:35:25 2021 UDPv6 link local (bound): [AF_INET6][undef]:1194
Sat Jan 16 12:35:25 2021 UDPv6 link remote: [AF_UNSPEC]
Sat Jan 16 12:35:25 2021 GID set to nobody
Sat Jan 16 12:35:25 2021 UID set to nobody
Sat Jan 16 12:35:25 2021 MULTI: multi_init called, r=256 v=256
Sat Jan 16 12:35:25 2021 IFCONFIG POOL: base=10.20.0.4 size=62, ipv6=0
Sat Jan 16 12:35:25 2021 Initialization Sequence Completed
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 TLS: Initial packet from [AF_INET6]::ffff:86.243.247.221:58483, sid=5ccbf123 a88c7b97
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 VERIFY KU OK
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 Validating certificate extended key usage
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 ++ Certificate has EKU (str) TLS Web Client Authentication, expects TLS Web Client Authentication
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 VERIFY EKU OK
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 VERIFY OK: depth=0, CN=MyVPN, C=***, ST=***, L=***, O=***, OU=***, emailAddress=***@***.***
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 peer info: IV_VER=3.git::662eae9a
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 peer info: IV_PLAT=win
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 peer info: IV_NCP=2
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 peer info: IV_TCPNL=1
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 peer info: IV_PROTO=2
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 peer info: IV_AUTO_SESS=1
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 peer info: IV_GUI_VER=OCWindows_3.2.2-1455
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 peer info: IV_SSO=openurl
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 2048 bit RSA
Sat Jan 16 12:35:25 2021 MYIPADDRESS:58483 [MyVPN] Peer Connection Initiated with [AF_INET6]::ffff:86.243.247.221:58483
Sat Jan 16 12:35:25 2021 MyVPN/MYIPADDRESS:58483 MULTI_sva: pool returned IPv4=10.20.0.6, IPv6=(Not enabled)
Sat Jan 16 12:35:25 2021 MyVPN/MYIPADDRESS:58483 MULTI: Learn: 10.20.0.6 -> MyVPN/86.243.247.221:58483
Sat Jan 16 12:35:25 2021 MyVPN/MYIPADDRESS:58483 MULTI: primary virtual IP for MyVPN/86.243.247.221:58483: 10.20.0.6
Sat Jan 16 12:35:25 2021 MyVPN/MYIPADDRESS:58483 PUSH: Received control message: 'PUSH_REQUEST'
Sat Jan 16 12:35:25 2021 MyVPN/MYIPADDRESS:58483 SENT CONTROL [MyVPN]: 'PUSH_REPLY,route 192.168.86.0 255.255.255.0,route 10.20.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.20.0.6 10.20.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Sat Jan 16 12:35:25 2021 MyVPN/MYIPADDRESS:58483 Data Channel: using negotiated cipher 'AES-256-GCM'
Sat Jan 16 12:35:25 2021 MyVPN/MYIPADDRESS:58483 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Sat Jan 16 12:35:25 2021 MyVPN/MYIPADDRESS:58483 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key


My client side route table

1610797585390.png


except my TrueNAS server I cannot access anything else, maybe a firewall rule? or a missing route ?

thanks for your help
 
You must log in or register to reply here.

Similar threads

R
SSH Push Replication Fails against SSHD 8.8
Replies
1
Views
1K
Richard Durso
R
S
Hard Disk not recognized by TrueNAS with Marvell HBA
Replies
3
Views
2K
jgreco
jgreco
B
SOLVED OpenVPN Plugin: Keine Verbindung möglich
Replies
19
Views
4K
ChrisChros
C
L
  • Locked
OpenVPN-server on FreeNAS - Clients can connect but nothing more
Replies
7
Views
5K
zoomzoom
zoomzoom
M
  • Locked
need help: logfile 11.1
Replies
14
Views
2K
mrMuppet
M
Top