Unable to access TrueNAS over VPN

[awil95]

So I have a PfSense Router for my network running a WireGuard VPN. When connected remotely I can access literally all devices on my LAN net (10.1.1.0/24) from the WireGuard net (172.16.1.0/29), even other NAS devices with SMB shares; however I cannot connect via WebUI, SSH, or SMB to my TrueNAS Scale machine. Is there any setting inside of TrueNAS that only allow access from certain subnets? I have tried looking for a setting for this in the network tab and the WebGUI tab however I cannot find anything.

 

[fayelund]

Sounds like the truenas has the wrong default gateway set.

 

[awil95]

Sounds like the truenas has the wrong default gateway set.

My TrueNAS server is configured for DHCP; however I have a DHCP reservation set in PfSense for it. Under the Network Tab of the WebUI I can see that the default route is set for 10.1.1.1 (the PfSense router) it also has a DNS of 10.1.1.1. I feel like what I am experiencing is a firewall issue on the TrueNAS server and that it is only allowing connections from 10.1.1.0/24 addresses.

 

[Martin Stafford]

172.16.0.0/16 is the default subnet used by kubernetes. TrueNAS is likely routing responses to that network rather than back to your router.

 

[awil95]

172.16.0.0/16 is the default subnet used by kubernetes. TrueNAS is likely routing responses to that network rather than back to your router.

Oh my gosh, of course! I totally forgot about the internal kubernetes subnet. I will change the subnet of my wireguard VPN in pfSense to a 10.x.x.x network and see if this resolves my issues. I will report back with findings.

EDIT: Martin you were absolutely correct! TrueNAS was indeed not allowing my connection into the NAS due to my IP being in the 172.16.x.x subnet since it is used for kubernetes. Changing my wireguard VPN subnet to a 10.x.x.x subnet allowed me to access the NAS via WebUI, SSH and SMB. Thank you for your help!