How to access Nas4free behind pfsense openvpn

irs

I want to deploy pfsense on my network with the following

1. Nas4free ip: 192.168.0.250
2. NVR ip: 192.168.0.137
3. Network 1: 192.168.0.0/24  allow internet access
4. openvpn: 10.7.0.0/24   
5. remote ip : 192.168.10.0/24     
6. remote 2 ip: 192.168.1.0/24

I have 4 ports on my pfsense with 5 public ip.

I need to allow remote access to Nas4free owncloud

openVPN works fine and can access dvr/nvr. but can not access nas4free on port 12000 and owncloud on port 10000

any suggestions and guide highly appreciated.

johnpoz

The whole point of setting up a vpn is access to your networks.. So yes can deploy openvpn to get access to this…

Do you have some ? about how to setup the vpn?  Did you run through the wizard?

https://doc.pfsense.org/index.php/OpenVPN_Remote_Access_Server

irs

thanks for your reply.

Yes i do but the only thing i don't understand is the "Tunnel Network"

is this is the address of my local nas4free or it is third party address

viragomann

The tunel network is the VPN network between server and client. You may enter here any private network you want, the only attention you have to pay here is that it doesn't overlap with networks on server and client side.

The server side network you want to be able to access have to be entered at "IPv4 Local network/s" in CIDR notation (for a single IP use /32).

johnpoz

This seems pretty clear to me..

Tunnel Network – Should be a new, unique network that does not exist anywhere in the current network or routing table.

irs

if i am picking it right i can use 10.25.30.1/24 ? as it could be the new network?

irs

now since i am able to run vpn on pfsense and can access many things except nas4free and owncloud this is strange still i can not able to access my storage server ?

my pfsense 192.168.0.1 openVPN
local LAN 192.168.0.0/24
tunnel 10.0.7.0/24
remote ip 192.168.10.0/24

nas4free
host 192.168.10.0/24 10.0.70.0/24 192.168.1.0/24

gateway 192.168.0.1

what wrong I am doing?????
please help

biggsy

@irs:

if i am picking it right i can use 10.25.30.1/24 ? as it could be the new network?

Best not to use anything in the 192.168.0.0/16 or 10.0.0.0/8 ranges for your tunnel network, as these are often used in private networks that you might be trying to use the VPN from.

Try something less likely to conflict with those ranges.  Maybe 172.23.46.0/24

irs

but I am not using 192.168.0.0/16 for my tunnel
my tunnel is 10.0.7.0/24

viragomann

Maybe the access is blocked by the nas4free itself. Check if it's accessible from another network connected to pfSense.

irs

nas4free is working on LAN no problem. but as soon as i tried to ping from openvpn it fails

biggsy

irs,

Let's see if we can get to the bottom of this.

Is it the NAS4Free web GUI that you cannot access, shares on NAS4Free or both?

What is the IP address of your OpenVPN client before you your start OpenVPN?  Is it always in the range 192.168.10.0/24?

Your pfSense subnets are as follows:
  LAN - 192.168.0.0/24  (NAS4Free is in that subnet.  Correct?)
  Tunnel - 10.0.7.0/24
Correct?

Can you please post screenshots of the following:

Each of these sections from pfSense GUI:
    VPN / OpenVPN / Servers / Edit
    Firewall / Rules / WAN
    Firewall / Rules / OpenVPN
    Firewall / NAT / Port Forward

From NAS4Free:
    System > General Setup
    Network > LAN Management
    Network > Firewall
    WebGUI section of System > General Setup

johnpoz

can your nas4free get to the internet?  Your first post stated

1. Nas4free ip: 10.0.10.15

I think I am going to fireup a copy of nas4fee on my esxi host.. This really should be just clickity clickity!!

edit:  Like I thought clickity clickity..  Fired up nas4free as vm on my home network esxi host.  Set it to dhcp, got IP address 192.168.9.218, I then accessed the gui and setup the host allow in general to allow my vpn tunnel network and my local 192.168.9.0/24 network.

Bing bang zoom - into the gui from my vpn connection, before this got the 403 forbidden error.

biggsy

@johnpoz:

can your nas4free get to the internet?  Your first post stated

1. Nas4free ip: 10.0.10.15

That was in this thread.  Here it's on the LAN.

Maybe a mod could lock the other topics in NAT and General Questions

johnpoz

No in this thread go to the top of the page he states 10.0.10.15  Which is why you don't freaking cross post ;)

I have no idea what he is doing - this literally took a minute to setup…. There is nothing special to do other than allow your vpn tunnel network access via the screenshot I posted.

irs

@biggsy:

irs,

Let's see if we can get to the bottom of this.

Is it the NAS4Free web GUI that you cannot access, shares on NAS4Free or both?

What is the IP address of your OpenVPN client before you your start OpenVPN?  Is it always in the range 192.168.10.0/24?

Your pfSense subnets are as follows:
  LAN - 192.168.0.0/24  (NAS4Free is in that subnet.  Correct?)
  Tunnel - 10.0.7.0/24
Correct?

Can you please post screenshots of the following:

Each of these sections from pfSense GUI:
    VPN / OpenVPN / Servers / Edit
    Firewall / Rules / WAN
    Firewall / Rules / OpenVPN
    Firewall / NAT / Port Forward

From NAS4Free:
    System > General Setup
    Network > LAN Management
    Network > Firewall
    WebGUI section of System > General Setup


irs

@biggsy:

irs,

Let's see if we can get to the bottom of this.

Is it the NAS4Free web GUI that you cannot access, shares on NAS4Free or both?

What is the IP address of your OpenVPN client before you your start OpenVPN?  Is it always in the range 192.168.10.0/24?

Your pfSense subnets are as follows:
  LAN - 192.168.0.0/24  (NAS4Free is in that subnet.  Correct?)
  Tunnel - 10.0.7.0/24
Correct?

Can you please post screenshots of the following:

Each of these sections from pfSense GUI:
    VPN / OpenVPN / Servers / Edit
    Firewall / Rules / WAN
    Firewall / Rules / OpenVPN
    Firewall / NAT / Port Forward

From NAS4Free:
    System > General Setup
    Network > LAN Management
    Network > Firewall
    WebGUI section of System > General Setup


irs

@johnpoz:

can your nas4free get to the internet?  Your first post stated

1. Nas4free ip: 10.0.10.15

I think I am going to fireup a copy of nas4fee on my esxi host.. This really should be just clickity clickity!!

edit:  Like I thought clickity clickity..  Fired up nas4free as vm on my home network esxi host.  Set it to dhcp, got IP address 192.168.9.218, I then accessed the gui and setup the host allow in general to allow my vpn tunnel network and my local 192.168.9.0/24 network.

Bing bang zoom - into the gui from my vpn connection, before this got the 403 forbidden error.

Thx dear, Yes I changed as I was trying different options at different times. but still no luck my nas4free can not access internet. I have installed it in new machine without firewall but still nas4free can not access internet.

The host you suggested I tried that as well but no luck. i tried with several ip but no way.


biggsy

I thought the problem was that you couldn't access teh NAS4Free from OpenVPN.

You are now saying that it can't access the internet.

@biggsy:

irs,

Can you please post screenshots of the following:

Each of these sections from pfSense GUI:
    VPN / OpenVPN / Servers / Edit
    Firewall / Rules / WAN
    Firewall / Rules / OpenVPN
    Firewall / NAT / Port Forward

From NAS4Free:
    System > General Setup
    Network > LAN Management
    Network > Firewall
    WebGUI section of System > General Setup

And the rest of it?  BTW, you could cut down the repetition in the screenshots  ;)

Why do you have 0.0.0.1/1, 1.0.0.0/2, 2.0.0.0/3 and 192.168.10.0/24 in the Hosts Allow?

I think you might need to learn something about networking before you go any further.

irs

some other guy suggested to have allow host and try though i tried 192.168.10.0/24 10.0.7.0/24 but no luck