TrueNAS Scale OpenVPN - access LAN & Internet

hi there,

tldr: OpenVPN connection on Scale - no internet, no access to LAN

I'm currently struggling a bit with setting up the OpenVPN server correctly in TrueNAS Scale. I used the internal service OpenVPN server in the TN Scale GUI (V. 22.02). I can connect my OVPN client to the server (port forward on ISP router/modem combination) and can access the TN GUI. Everything else seems not to work. From reading through some posts on different forums I assume “additional parameters” and “static rules” are missing or are incorrect. But I can't get my head around it.

The following configurations are done:

LAN: 192.168.2.0/24
TN: 192.168.2.115
OVPN net: 10.10.0.0/24

Additional parameters:

push "route 0.0.0.0 0.0.0.0"
push "route 10.10.0.0 255.255.255.0" # My OpenVPN transfer net
push "route 192.168.2.0 255.255.255.0" # My remote network I want to connect to
push "redirect-gateway def1"
push "remote-gateway 192.168.2.115"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 192.168.2.1" # The DNS Server on my remote network

Static route:

Des: 10.10.0.0/24 GW: 192.168.2.115

Set TAP-Windows TUN subnet mode network/local/netmask = 10.10.0.0/10.10.0.2/255.255.255.0 [SUCCEEDED]
Sun Jul 24 11:40:16 2022 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.10.0.2/255.255.255.0 on interface {867EBC85-DBF5-4710-BCCC-7271A7C48D61} [DHCP-serv: 10.10.0.254, lease-time: 31536000]
Sun Jul 24 11:40:16 2022 Successful ARP Flush on interface [14] {867EBC85-DBF5-4710-BCCC-7271A7C48D61}
Sun Jul 24 11:40:16 2022 MANAGEMENT: >STATE:1658655616,ASSIGN_IP,,10.10.0.2,,,,
Sun Jul 24 11:40:21 2022 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Sun Jul 24 11:40:21 2022 MANAGEMENT: >STATE:1658655621,ADD_ROUTES,,,,,,
Sun Jul 24 11:40:21 2022 C:\WINDOWS\system32\route.exe ADD 192.168.2.0 MASK 255.255.255.0 10.10.0.1
Sun Jul 24 11:40:21 2022 Route addition via service succeeded
Sun Jul 24 11:40:21 2022 C:\WINDOWS\system32\route.exe ADD 10.10.0.0 MASK 255.255.255.0 10.10.0.1
Sun Jul 24 11:40:21 2022 Route addition via service succeeded
Sun Jul 24 11:40:21 2022 Initialization Sequence Completed
Sun Jul 24 11:40:21 2022 MANAGEMENT: >STATE:1658655621,CONNECTED,SUCCESS,10.10.0.2,91.45.90.95,1194,,
Sun Jul 24 11:48:39 2022 C:\WINDOWS\system32\route.exe DELETE 192.168.2.0 MASK 255.255.255.0 10.10.0.1
Sun Jul 24 11:48:39 2022 Route deletion via service succeeded
Sun Jul 24 11:48:39 2022 C:\WINDOWS\system32\route.exe DELETE 10.10.0.0 MASK 255.255.255.0 10.10.0.1
Sun Jul 24 11:48:39 2022 Route deletion via service succeeded
Sun Jul 24 11:48:39 2022 Closing TUN/TAP interface
Sun Jul 24 11:48:39 2022 TAP: DHCP address released
Sun Jul 24 11:48:39 2022 SIGTERM[hard,] received, process exiting
Sun Jul 24 11:48:39 2022 MANAGEMENT: >STATE:1658656119,EXITING,SIGTERM,,,,,

Any idea of what I don't understand and overlook to get it working?
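
Added example, not part of the original post: a small Python check that compares the routing directives listed under "Additional parameters" with the `route.exe ADD` lines in the client log, to show which pushed routes the Windows client never installed. The function names are hypothetical, and the sample text is constructed from the post (quotes normalized to straight quotes, non-routing directives left out).

```python
import ipaddress
import re

# Constructed sample: routing directives and log lines copied from the post above.
PUSHED = '''
push "route 0.0.0.0 0.0.0.0"
push "route 10.10.0.0 255.255.255.0"
push "route 192.168.2.0 255.255.255.0"
push "redirect-gateway def1"
'''
CLIENT_LOG = r'''
Sun Jul 24 11:40:21 2022 C:\WINDOWS\system32\route.exe ADD 192.168.2.0 MASK 255.255.255.0 10.10.0.1
Sun Jul 24 11:40:21 2022 Route addition via service succeeded
Sun Jul 24 11:40:21 2022 C:\WINDOWS\system32\route.exe ADD 10.10.0.0 MASK 255.255.255.0 10.10.0.1
Sun Jul 24 11:40:21 2022 Route addition via service succeeded
Sun Jul 24 11:40:21 2022 Initialization Sequence Completed
'''

def expected_routes(push_text):
    """Networks the client should install for the pushed directives."""
    nets = set()
    for arg in re.findall(r'push\s+"([^"]+)"', push_text):
        words = arg.split()
        if words[0] == "route" and len(words) >= 3:
            nets.add(ipaddress.ip_network(f"{words[1]}/{words[2]}"))
        elif words[0] == "redirect-gateway" and "def1" in words:
            # def1 overrides the default route with two /1 halves
            nets.update(ipaddress.ip_network(n) for n in ("0.0.0.0/1", "128.0.0.0/1"))
    return nets

def installed_routes(log_text):
    """Networks the Windows client actually added (route.exe ADD lines)."""
    pat = re.compile(r"route\.exe ADD (\S+) MASK (\S+) (\S+)")
    return {ipaddress.ip_network(f"{n}/{m}") for n, m, _gw in pat.findall(log_text)}

def missing_routes(push_text, log_text):
    """Pushed routes with no matching ADD in the client log, sorted."""
    return sorted(expected_routes(push_text) - installed_routes(log_text))

if __name__ == "__main__":
    for net in missing_routes(PUSHED, CLIENT_LOG):
        print("pushed but not installed:", net)
```

On the log above, only the two /24 routes appear as installed; none of the default-route entries implied by `route 0.0.0.0 0.0.0.0` and `redirect-gateway def1` show up in the client's route additions.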

As far as I know… I think I heard Tom say it numerous times as well… don’t route your NAS traffic.

I think the better way to do it is to do it via your firewall… So use openvpn or any other vpn on your firewall and access something from your NAS that way… Not use any OpenVPN client on the NAS itself.

Or you could use something on your firewall (assuming you are running the latest pfsense+) like tailscale, although performance would be pretty (VERY) bad.

@JPEaglesandKatz: Unfortunately, I can't get rid of the router from my ISP and no firewall is available. Thanks anyway for your input!

Anyone else? I'm currently in trial and error mode without success :frowning: