OpenVPN issue connecting to controller



  • Hey Guys

    I just this weekend installed two Ubiquiti nanoHD AP's, with the controller software running as a Linux (Ubuntu 18.04) VM on my QNAP NAS. The server is accessible internally on https://192.168.0.109:8443

    I have OpenVPN configured on my PFSense router which gives me a client IP of 192.168.80.2 - From here everything looks OK, i can access the router when im on VPN, and i can reach other devices on the main 192.168.0.0/24 network, just not my Linux VM.

    A try my best but im far from a networking guru so open to all ideas!

    EDIT:

    FYI - Although i cant ping my VM ip address (192.168.0.109) from my VPN network (192.168.80.0/24) i can ping the NAS which is the host (192.168.0.7) so im guessing its related to the network settings on the NAS or VM itself. Is there something i can test on the VM to see where the connection is being blocked?



  • Is there a setting on your VM/NAS that restricts admin or any access to only the local subnet? That might be something to look for.


  • Netgate Administrator

    Yeah the VM likely either has a local restriction to respond only to it's own subnet or has no default route.

    You could workaround it by outbound NATing the specific traffic from the OpenVPN subnet to the VM address on LAN. But it would be better to solve it at the VM.

    Steve



  • Ive snooped around and asked on the QNAP forum but its not very lively.

    How could i go about NATing as you decribe above? I cant find the interface options for the OpenVPN server :/



  • I did use an app called linux station which basically gives you two ubuntu options, you press install and its done. Maybe i should try with the Virtualization station, a lot more options to play with in terms of virtual hw setup etc


  • Netgate Administrator

    In Firewall > NAT > Outbound first switch to hybrid mode so you can add additional rules.

    Then add a new rule.
    Interface: LAN
    Source: Network 192.168.80.0/24
    Destination: Network 192.168.0.109/32
    Address: Interface Address
    Description: Something so you know what this is for later!

    Leave everything else. Save and apply.
    That will NAT the minimum traffic. You may need to open a new connection if you have tried to reach the server recently to hit the new rule.

    Steve



  • @toms88 said in OpenVPN issue connecting to controller:

    Ive snooped around and asked on the QNAP forum but its not very lively.

    How could i go about NATing as you decribe above? I cant find the interface options for the OpenVPN server :/

    https://www.qnap.com/en/how-to/knowledge-base/article/why-cant-i-access-the-administration-page/

    Item #2: “Please make sure that the NAS and the PC you are trying to connect from are connected to the same network switch and are on the same subnet. You may also try connecting them directly (crossover cable is not required).”


Log in to reply