FreeNAS (with VPN) Jail not visibile from VPN of pfSense



  • Buona sera a tutti!  ;)

    I'm running an instance of OpenVPN on my pfSense. I have another FreeBSD based system, a FreeNAS server. In this system I have setup some jails, one of that is for Transmission this jail is behind a VPN for encrypting traffic (this VPN have nothing to do with the one on my pf), when is active and I'm using the VPN to I can't correctly reach the jail…

    Explanation:

    Me:pfVPN --> fnVPN:Transmission  NOT WORK!!!
    Me:pfVPN --> Transmission WORK!!!
    Me:LAN --> fnVPN:Transmission WORK!!!
    Me:LAN --> Transmission WORK!!!

    I have already check that my pfSense VPN and the one in the jail have different IPs! I can't really understand why... They have worked for a lot of times and now... 😕



  • Nobody can help me!? :(



  • Please provide a map which shows how you are trying to access the FreeNAS.



  • @viragomann:

    Please provide a map which shows how you are trying to access the FreeNAS.

    Here the map:
    Map #1

    Map #2

    When i try to get the GUI from the Map #1 it's work, when i try to reach it from the Map #2 it not work. If i remove the VPN of the jail and accessing using the Map #2 it's work… I always use the same IP for accessing the GUI both when is behind VPN and when it's not.



  • Some help?



  • Maybe not the best solution, but that one that will work in your case: Add a source NAT rule to pfSense to translate your VPN IP to the pfSense LAN address.

    To do so, go to NAT > Outbound. If the NAT mode is set to automatic rule generation set it to hybrid and save this settings.
    Then add a new rule:
    Interface: LAN
    Source: <the vpn="" tunnel="" network="">Destination: <transmission jail="" ip="">Translation: Interface address
    Enter a description and save it.</transmission></the>



  • @viragomann:

    Maybe not the best solution, but that one that will work in your case: Add a source NAT rule to pfSense to translate your VPN IP to the pfSense LAN address.

    To do so, go to NAT > Outbound. If the NAT mode is set to automatic rule generation set it to hybrid and save this settings.
    Then add a new rule:
    Interface: LAN
    Source: <the vpn="" tunnel="" network="">Destination: <transmission jail="" ip="">Translation: Interface address
    Enter a description and save it.</transmission></the>

    This solution works! Thanks! ;)


Log in to reply