How to access Nas4free behind pfsense openvpn

irs

@biggsy:

I thought the problem was that you couldn't access teh NAS4Free from OpenVPN.

You are now saying that it can't access the internet.

@biggsy:

irs,

Can you please post screenshots of the following:

Each of these sections from pfSense GUI:
    VPN / OpenVPN / Servers / Edit
    Firewall / Rules / WAN
    Firewall / Rules / OpenVPN
    Firewall / NAT / Port Forward

From NAS4Free:
    System > General Setup
    Network > LAN Management
    Network > Firewall
    WebGUI section of System > General Setup

And the rest of it?  BTW, you could cut down the repetition in the screenshots  ;)

Why do you have 0.0.0.1/1, 1.0.0.0/2, 2.0.0.0/3 and 192.168.10.0/24 in the Hosts Allow?

I think you might need to learn something about networking before you go any further.






irs

@johnpoz:

well if it can not get to internet - how and the F do you think you could get to it from vpn through the internet

Is pfsense its gateway?  Can it ping pfsense gateway?  What are the rules on your pfsense interface this nas is connected to?  Are you using captive portal?

yes my gateway is pfsense and I can ping nas4free witin pfsense. No I am not using captive portal.

biggsy

:o  Got WannaCrypt yet?

Why do you have all those ports open on WAN!!!  All you need open on the WAN is OpenVPN.

Do a fresh install of pfSense to clear out all those rules.

Redo your OpenVPN configuration and client export. Use the standard UDP port 1194. Set your tunnel network to 172.23.45.0/24 or something else in that range.  (With your tunnel set to 10.0.7.0/24, if you try to use OpenVPN from a network that uses the 10.0.0.0/8 range, you will have problems.)

NAS4Free GUI can just run on TCP port 443.  Change the NAS4Free Hosts Allow setting to match your tunnel network and the LAN.  (VPN access to any SMB shares can be dealt with later.)

irs

ok I will do that as per your Guide.

Will let you know after fresh install.

Thx for your help and guide. i hope it will work this time. But I tried to install nas4free fresh but it can not ping internet.

johnpoz

WTF… Yeah start clean!  How do you think forwarding the same port to different IPs would ever work?

And why in the world would you forward netbios from internet into your network?

Why/How could you have a source of your lan net hitting your wan, trying to go to 10.10.25.158??

irs

@johnpoz:

WTF… Yeah start clean!  How do you think forwarding the same port to different IPs would ever work?

And why in the world would you forward netbios from internet into your network?

Why/How could you have a source of your lan net hitting your wan, trying to go to 10.10.25.158??

Yes I understand my mistake I should be careful next time not to forward same port to different ips.

the netbios I don't remember why?

that address 10.10.25.158 is another mistake.

Thanks for pointing and helping to understand my mistakes.

johnpoz

BTW, unless you have a VIP setup on your wan.. The destination on a port forward is always going to be your WAN address.  * is not how you want to set it..

irs

:)

irs

I have a quick question. why Nas4free can not access internet even without pfsense?

johnpoz

Huh??  Have no idea what that question is suppose to be asking.. Why can some host you setup not access the internet?  Guess would be you set it up wrong ;)  Since it seems you clearly have internet access since your posting this ;)