Unable to Access Transmission after enabling OpenVPN

[mike360x1]

Hi,

So I'm trying to setup a connection to PIA( Private Internet Access VPN) for a transmission-daemon in my jail. The issue is that, whenever I establish a connection to the VPN provider, I lose access to the web GUI.
Do I need to enable a specific rule to allow the transmission to communicate with the LAN while connected to VPN?
The Guide I followed is: here

Thanks in advance,
Michael L.

 

[dlavigne]

Were you able to figure this out?

 

[mike360x1]

Sorry for the late reply, It still is not working.

 

[Brer]

Back when I had Transmission running from a Jail with OpenVPN I can't remember adding any specific rule in the routing on the actual Jail, everything was default but I was on the standard 192.168.0.x addresses and both the Jail, Host and Web UI were on the same 192.168.0.x addresses. Do you have any specific network configuration? It could be that the VPN is not starting.

Have you confirmed that the VPN has started successfully? Add this to your country.conf, e.g. London UK.conf file :-

Code:

log /var/log/openvpn.log
status /var/log/openvpn-status.log

You can confirm your IP has changed before and after running the VPN by running this :-

Code:

/usr/bin/wget -qO- http://wtfismyip.com/text

You may need to install wget. Directories may differ in your Jail so you may have to find where the files are.

 

[mike360x1]

Thanks for the response, I have done a bit of troubleshooting and found that I cannot access the jail from anywhere outside the same subnet.

My computer resides on 192.168.10.*. The jail resides on 192.168.20.*

To circumvent this, I have used an SSH tunnel to connect to 192.168.20.*. It works. But is there a more permanent solution?

Maybe setup an internal firewall rule that routes web GUI traffic through all local domains. But I wouldn't know how.

 

[Brer]

You probably can but why not just have them both on 192.168.10.*

Any reason for the different subnet?

 

[mike360x1]

This is because *.*.20.* is a DMZ. any services I port forward I plan on keeping on different subnets in case it gets compromised. That way my home computers aren't affected. But, now that I think about it, I'm running PFSense, I could prolly setup a custom firewall rule to prohibit transmission jail to access home computers, but not the other way around.
I'll try to search for a solution to the initial problem, but I'll consider this as a second option.

 

[Brer]

You shouldn't need a DMZ with a VPN, isn't that the whole concept of having a VPN? If you need a port forward solution PIA has certain servers that allow port forwarding, just point to one and request port forwarding, the little windows app they provide gives you an idea.