2021-06-21
Server reset
Restored a basic configuration
- set the googledomain DDNS back up
- set NextCloud back up
- discovered and used @CommentInstallerNextcloud (Private)
- configured NextCloud for use with DDNS
'trusted_domains' =>
[
'truenas.arnaudjoye.fr'
],
VPN configuration
- followed the tutorial "Setup OpenVPN Server on TrueNAS | SpaceRex" to the letter
- make sure to set the Common Name
- make sure to set sha1 in the service
- followed the additional explanations from SetupOpenVPNServer
SetupOpenVPNServer
Hi all! I apologize in advance for my poor English (I am Italian eheh), but I would like to share with you my configuration which allows me to tunnel all the traffic generated by the client, and, more importantly, to reach the devices within my LAN.
I just want to give you a brief overview of my network setup:
TrueNas network: 10.0.0.0/24
TrueNas ip address: 10.0.0.45
TrueNAS network interface: bge0
OpenVPN server network: 10.9.8.0/24
In addition to the steps that have been shown in the video above, I've added the following parameters to the OpenVPN server configuration:
Services -> OpenVPN Server -> additional parameters
push "route 10.0.0.0 255.255.255.0"
--> this allows you to access the 10.0.0.0 network
push "redirect-gateway def1 bypass-dhcp"
--> to tunnel all the traffic generated by the client
push "dhcp-option DNS 1.1.1.1"
--> to tell OpenVPN which DNS server to use
(you can change this based on your preferences, e.g. using Google DNS 8.8.8.8)
push "dhcp-option DNS 1.0.0.1"
Network -> Static routes
I've added this entry:
Destination: 10.9.8.0, Gateway: 10.0.0.45
System -> Tunables
After reading this guide from DigitalOcean I've added the following tunables to the rc.conf file:
firewall_enable="YES"
firewall_type="open"
gateway_enable="YES"
natd_enable="YES"
natd_interface="bge0"
--> Remember to use your network interface
natd_flags="-dynamic -m"
Reboot the server.
I hope this also works for you! Because I've done quite a bit of troubleshooting, I don't know if all the steps are necessary to make it work. For this reason, feel free to comment and share your configuration.
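
Added example, not part of the forum post or of these notes: a small Python check that parses the pushed OpenVPN options and the rc.conf tunables quoted above and lists what to review before exposing the VPN port. The function names and the wording of the findings are assumptions of this example; the sample input is constructed from the values in the post.

```python
import ipaddress
import re
import shlex

# Constructed sample input: the settings quoted in the post above.
OPENVPN_EXTRA = '''
push "route 10.0.0.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
'''
RC_CONF = '''
firewall_enable="YES"
firewall_type="open"
gateway_enable="YES"
natd_enable="YES"
natd_interface="bge0"
natd_flags="-dynamic -m"
'''

def parse_push(text):
    """Summarise what the server pushes to every client."""
    out = {"routes": [], "dns": [], "full_tunnel": False}
    for line in text.splitlines():
        words = shlex.split(line, comments=True)
        opt = words[1].split() if len(words) == 2 and words[0] == "push" else []
        if opt[:1] == ["route"] and len(opt) >= 3:
            out["routes"].append(ipaddress.ip_network(f"{opt[1]}/{opt[2]}"))
        elif opt[:1] == ["redirect-gateway"]:
            out["full_tunnel"] = True
        elif opt[:2] == ["dhcp-option", "DNS"] and len(opt) == 3:
            out["dns"].append(ipaddress.ip_address(opt[2]))
    return out

def parse_rc(text):
    """Read name="value" pairs, tolerating spaces around '='."""
    return dict(re.findall(r'^\s*(\w+)\s*=\s*"?([^"\n]*)"?\s*$', text, re.M))

def audit(push, rc, nas_ip):
    """Return findings to review before exposing the VPN port."""
    nas, notes = ipaddress.ip_address(nas_ip), []
    if not any(nas in r for r in push["routes"]):
        notes.append("no pushed route covers the NAS address")
    if push["full_tunnel"] and rc.get("gateway_enable", "").upper() != "YES":
        notes.append("full tunnel pushed but IP forwarding is off")
    if rc.get("firewall_type") == "open":
        notes.append("firewall_type=open: ipfw allows all traffic, no filtering")
    return notes
```

Calling `audit(parse_push(OPENVPN_EXTRA), parse_rc(RC_CONF), "10.0.0.45")` on the sample returns a single finding, the `open` firewall type.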