I have a few devices:
Smartphone on 10.0.6.2 (VPN)
Truenas on 10.0.0.6 (SAM_LAN)
Truenas on 10.0.10.6 (Home_LAN)
Thing is, I can access devices on the Home_LAN (10.0.10.6) from my VPN, but not on the SAM_LAN. When I try to access 10.0.0.6, it just times out.
And yes, the UI is also tied to 10.0.0.6. Also, other servers on the SAM_LAN are unreachable from the VPN.
These are the firewall rules:
allow all: VPN → Internal
allow all: Internal → VPN
I don’t understand what’s wrong. I can access the gateway/UDM on 10.0.0.1 from my VPN though.
Any thoughts on this?
The VPN is reaching out to the br0 interface (vlan1), but it is getting the return traffic over the br110 interface (vlan110) from my Truenas. And that network/vlan is in my NSFW zone. Adding an Allow All rule in the NSFW zone to 10.0.6.0/24 fixed the problem.
How can I force TrueNAS to send the return traffic over the same bridge as the incoming traffic?
I’ve tested both and both work.
If I go with the firewall solution, it feels wrong to have traffic coming in through one vlan, and getting back through the other, because of the TrueNAS default gateway.
If I go with NAT, I will lose which IP addresses have accessed the server.
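The third option the thread does not spell out is source-based policy routing on the NAS itself: keep the existing default gateway, but tell the kernel that anything sourced from the SAM_LAN address must leave through the SAM_LAN gateway. The reply then takes the same path as the request, no extra firewall opening in the NSFW zone is needed, and the VPN client addresses stay visible in the server logs. The script below is an added example, not configuration from the thread or from TrueNAS; it assumes a Linux host (as TrueNAS SCALE is), that the SAM_LAN NIC on the NAS is called eth0, that the subnet is 10.0.0.0/24 with 10.0.0.1 as gateway, and that routing table 100 is unused. Those interface, prefix and table values are placeholders. By default it only prints the iproute2 commands; set DRY_RUN=0 to run them as root.

```shell
#!/bin/sh
# Added example (not from the thread): source-based policy routing so that
# replies sent from the SAM_LAN address (10.0.0.6) leave via SAM_LAN's
# gateway instead of the host's default gateway on the other VLAN.
# Placeholders (assumptions, not from the thread): NIC "eth0", subnet
# 10.0.0.0/24, routing table 100. Override them via the environment.

SAM_IFACE="${SAM_IFACE:-eth0}"
SAM_ADDR="${SAM_ADDR:-10.0.0.6}"
SAM_NET="${SAM_NET:-10.0.0.0/24}"
SAM_GW="${SAM_GW:-10.0.0.1}"
SAM_TABLE="${SAM_TABLE:-100}"
# Rule priority: must be lower (= matched earlier) than the main table's 32766.
SAM_PRIO="${SAM_PRIO:-100}"

# Emit the iproute2 commands, one per line:
#   1. the directly connected SAM_LAN prefix in the private table,
#   2. a default route via the SAM_LAN gateway in that table,
#   3. a rule that sends packets sourced from SAM_ADDR to that table.
policy_routing_commands() {
    printf '%s\n' \
        "ip route add $SAM_NET dev $SAM_IFACE src $SAM_ADDR table $SAM_TABLE" \
        "ip route add default via $SAM_GW dev $SAM_IFACE table $SAM_TABLE" \
        "ip rule add from $SAM_ADDR table $SAM_TABLE priority $SAM_PRIO"
}

# True when the rule priority will be consulted before the main table.
rule_priority_ok() {
    [ "$1" -lt 32766 ]
}

# Apply the commands, or only print them when DRY_RUN=1 (the default).
apply_policy_routing() {
    rule_priority_ok "$SAM_PRIO" || { echo "priority $SAM_PRIO too low" >&2; return 1; }
    policy_routing_commands | while IFS= read -r cmd; do
        if [ "${DRY_RUN:-1}" = "1" ]; then
            echo "[dry-run] $cmd"
        else
            sh -c "$cmd"
        fi
    done
}
```

After applying, `ip route get 10.0.6.2 from 10.0.0.6` should show the route via 10.0.0.1 on the SAM_LAN interface, while a plain `ip route get 10.0.6.2` still follows the normal default gateway. The `ip` commands do not survive a reboot; how to persist them on TrueNAS depends on its networking UI or init hooks, which this example does not cover.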