Awesome clear and concise tutorial! Thank you for sharing this.

This is by far the highest quality tutorial currently available on setting up an OpenVPN server for TrueNAS. Any bit of doubt I had about parameters I saw in other tutorials was taken away, in particular the IP parameter (which, from my current understanding, just creates another "mini subnet" within the local subnet under the specified prefix).

How this only has 2400 views is beyond me. This is clear, concise, top quality. One of the best on KZbin. Thank you!!

After wading through forums, blogs, YT channels for days this was the first and only solution I have found to safely access my files remotely through a VPN. Thank you so very much Techworks!

I don't know that I've ever felt compelled to comment on a KZbin video before, but I had to on this one. I have spent hours and hours watching videos, looking through forums, and following tutorials to setup OpenVPN on my TrueNas. And I've never gotten it to work how I wanted it to. This video explained exactly what to do and was very detailed and helpful. The only thing I had to change was my natd_interface to em0 like some of the other comments said. Thanks so much for making this video.

This absoulutley saved my bacon. Could not for the life of me get this to work until I found this video. Much appreciated.

Dude you have no idea how much time I spent on this, trying to make my nextcloud only accessible by VPN and it was IMPOSSIBLE. But then you appeared and saved the day, thank you so so much

Take me a day and half to set this up, my first problem is I didn’t watch the complete video. My bad. Then second problem was the Additional Parameters I took the quotation marks as asterisks and def1 as defl. It was hard to see these in video but found the correct parameters in the text. Once I fixed my errors it worked like a charm. So watch the whole video till the end before setting this up and you should have no problems. This one is complete as other videos leaves stuff out. Made notes and added these “Lessons Learned File” for future reference.

Thank you ❤ I have been trying to do this for several days and couldn't until I found this tutorial. Thanks for explaining the reason for each parameter, this way I could easily change it to the values for my setup

Seriously man thanks for this video, I got like 80% of this setup on my own but couldn't figure out why I was unable to connect to my locally host services.

Took me a few tries, but your tutorial made it possible to connect from the internet. Thanks!

You absolutely ripped other VPN tutorials to shreds, this fit my scenario and worked really well, my hero for 2022!

Amazing step-by-step video for the entire process. Did not falter anywhere. I would never have been able to do this on my own just by reading the manuals and adjusting the settings. Thanks for posting this.

After fighting for weeks, I found this video. Thank you for using your covid time so helpfully!!!

Huge thanks dude. I finaly got it working. I tried so many other tutorials and they confused me. Yours was straight forward and Thorough!

if anyones having any issues connecting to the other servers outside of truenas's ip make sure that the 'natd_interface' tunable matches your config. Mine was 're0' instead of 'le0' so I had to change the value inside of that to get it to work.

Thank you so much!!! the bit from 16:00 was missing from other tutorials. Great stuff!

This is the best OpenVPN tutorial for TrueNAS I've found. Thank you!

This video helped me resolved the issue I had struggled for a week. Thanks!

As an absolute novice to this kind of stuff, thank you for providing a very clear and concise walk-through of adding a vpn service here. I was struggling trying to figure out why the config file wasn't enough for trueNas charts and it seems I totally skipped the whole certificate step 😅

Thank you so much for this! This got OpenVPN working on my machine with the ability to access my files remotely without fail. That being said, I, like some other users on here and on your website, experienced issues with jails (Plex in my case), not working properly. Oddly, it took a day for it to break (all was working fine when I first set it up). The ONLY way I could access my Plex remotely was when connected to the VPN. Originally I could connect to Plex without connecting to the VPN. Again... it took about a day for this to break. I did see your description comment about adding a jail with NAT selected. This fixed it! However, I read on a thread on Reddit of someone having an issue as well, and they were able to fix it instead by changing out their network interface identifier in the natd_interface tunable for vnetO. I disabled the added jail and tried this, and everything is still working properly. Now it's been less than a day, so I'll update here if it breaks again, but I figured I'd bring to your attention. Reddit post from TheRealStiffCookie below. "I had an extremely similar issue, in that I couldn't have OpenVPN and Plex set up on my Truenas at the same time. First step I tried was deleting the natd_interface tunable (mentioned on another site), which fixed Plex, but of course broke OpenVPN. I then re-added the tunable, but instead of setting the value to my physical interface (em0 - which I followed from a guide), I set it to vnet0 instead. All of my plugins, and OpenVPN have been working alongside each other since! Hope that helps anyone else that may stumble across this issue."

Thank you! Just watched a different tutorial before and while it did work, this worked in every aspect! Plus, your video was much easier to follow, better explained and a lot nicer to listen to.

Thank you so much! Worked the first time from this tutorial, I never got it to work before,

mate this tutorial has been an absolute god send, very detailed and precise EVERY step of the way, and bous points for having the additional params in the bottom becuase I couldn't tell if it was a 1,l or i. this has made the whole experince of being able to get access to my NAS to edit my photos on the go abosoltely painless. you get a 15/10 rating from me.

Clear and understable! Thank you very much! By far one of the best tutorials!

Very good tutorial, very concise, thank you for all your efforts, much appreciated.

wow thanks so much. this was the best one around that made the process a hell of a lot easier to understand and get working.

Thanks so much man, I always struggle with networking stuff since I rarely do it. This was very clear and concise.

Awesome tutorial. Very clear and concise. Unfortunately I can only access the Truenas server. SMB etc works but I can't access and other network devices including jails. I set the NAT tunable to bridge0 which is the name of my Truenas NIC but no dice.

Es el video mas detallado y completo que he visto para configurar la VPN en treuenas. Gracias por el aporte

Thanks for the detailed tutorial! Though after having the OpenVPN server and the firewall rules applied as shown in the video I'm having issues with the jails (plugin installation fails when getting "pkg" (No address record error) and I can't even ping 1.1.1.1 with success). Is there a workaround for this? Or it ends up being a tradeoff for setting up OpenVPN this way? Also what's the difference and advantages/disadvantages of setting up the OpenVPN server from TrueNAS natively or inside a Jail?

Great tutorial, thanks! VPN works nicely, but alas, a virtual machine runnin on Truenas completely lost network. So removed the tunables and VM's network works again. Something about those tunables seems to screw the VM - host bridge big time

Amazing, clear step-by-step process! I wish I had watched this before attempting it on my own.

Clear and simply, thanks for sharing! LOL @TrueNAS comented also, that's god sign!

Thank you so much for the tuorial ! At 16:30 is it : push "redirect-gateway def1 bypass-dhcp" or push "redirect-gateway defl bypass-dhcp" with lowercase "L" ?

People like you are what make this world great!

Hi, this was nearly perfect, the vpn setup certainly works. However something to do with the tuneables breaks network acess to any virtual machines I have installed on the freenas box. They wont assign dhcp, i can acess them via ssh when setting a manual ip in the vm's however they do not get internet access. Just wont ping google, it will however ping local lan machines So i think something is blocking them/ firewall related I imagine. It seems similar to some issues others are having on here with jails breaking. As soon as I remove the tuneables, dhcp is back and the vm's have full internet acess. it would be great if you could help / advise on this, thanks

Awesome clear and concise tutorial ! Thank you so much for sharing this. I can now access all my files (even from my iphone) when travelling ;) Just a point, when configuring System/Tunables/natd_interface, of course enter your interface (not necessary le0, you should have shown that we must check in Network/interfaces for the right name) ;)

Its the best Video i have Sean for this toppig👍👍👍👍

i've done everything you did, and can connect to my samba share, but nothing else... no internet through the server or internet outside of the server... no connections to other jails on the server or other computers on the network. any idea what i might have done wrong?

Thank you for this excellent tutorial. Great work here.

Do I need to do the steps in Part 2? My goal was to access my TrueNAS outside of my local network and this worked like a charm!

Thanks for the tutorial! I'm surprised there are not more likes on this video.

Any advice on why when I try to put anything in the additional parameters under openVPN under Services it crashes when I go to save?

thanks man, keep the tutorials coming. They are super useful

this is a really good tutorial. my usecase would be to have a work-arround for a ISP level port-forwarding block, so i can forward a specific service to possible clients without giving full access to my entire local network with a VPN (which works even with the ISP block). :^) gonna try this when i get the time to try it! thanks for the video!

Bravo majstore puno si pomogai i sve radi bezprijekorno.....

I don't understand why this cannot be written in TrueNAS documentation. I was struggling with RootCA, as I always wanted to use the NAS root CA (cause ... why the hell not?) And I didn't understand why it wasn't working...

Great video. I was able to get the VPN working to the server only. Got any thoughts on how to get access to other local resources and the internet? I am sure it is an easy fix but I been searching around and trying things for a while now.

Thanks a lot for this tutorial I will try this with my own true as later this week

Could you make a little video about how to revoke a client certificate? Simply deleting it won't stop the user from being able to connect to the vpn service. BTW it's important to use an uncommon ip range for the local network, so avoid 192.168.0 and 192.168.1 since this could give routing issues when a user is tyring to log in from home or internet cafe if that location also uses this common ip range.

Thanks man, you helped me fix 90% of my issues. Super awesome! ++ subscribed

Thanks for the very clear tutorial. However there is one major issue with the tunables in this setup: The option 'natd_interface' breaks the DNS access of the jails. That's why there are plenty of people having issues with their jails after configuring the openvpn service. Should the interface be set to the physical network connection or should we use a virtual interface in this tunable? It's not really clear and if you select the physical interface, the openvpn service runs but the jails lose the DNS access.

Followed everything till 14:33, just like I did with Spacerex's tutorial. Still not able to connect. The connection gets timed out. No logs either. What am I doing wrong?

Thank you very much for this amazing tutorial. So clear and understandably

The best tutorial for customize OpenVPN on TrueNAS - thanx! But I have no understanding how to set up tunable parameters on TrueNAS SCALE. Could you update tutorial with SCALE settings?

On Truenas Scale, where can I setup the tunables? Please advise. By the way, your tutorial is the best so far I have found on KZbin. Thanks a lot for your sharing.

Best Tutorial about this!!

Thank you so much for this great tutorial, really well done. However, I've spent a lot of time trying to get it to work without success. Well, it works, but either NAS subnet IPs are reachable and jails lost access to the Internet, either jails have access but no way to reach other LAN IPs. I give up. Note: the workaround with creating a jail to generate a NAT interface did not work.

Worked perfectly. Thank you very much.

Great video tutorial! Following this and trying myself, however, at around 16:15 in text is added. What are the quotations? " or ' ? Many thanks

I really liked your tutorial. It's really detailed. So followed it, I also have DDNS setup on google domains from my NAS. I opened the port for the OpenVPN, but still can't connect from a remote computer :/ any ideas?

Many thanks for this very very good tutorial, it worked almost on the spot. Almost, because my knowledge in this subject is "almost" not perfect... :-) (but getting better). You might have gone perhaps in 2-3 places slightly deeper in the explanation, so that an even larger audience would be able to follow. I mean by that explaining a little bit more for example what the different IP addresses mean that are being used throughout the installation (subnet etc.). Or why we can only use the config file to securely access our server in the end, without using the certificate as such, given that there is the option to download it. (I hope I understood correctly, that it is already included in the config file and not that all my secret cute-cat-videos are not open to the internet... :-) ). Of course I know, that it is also our responsibility to dig deeper, if something is not understood! It would have just kept the otherwise perfect flow of information. Oh, and your voice is just perfect for tutorials!!!

A very thorough walkthrough, thank you. Every time I setup OpenVPN I have issues accessing my internal network. One thing, le0 was bge0 on my system. I'm not sure if you mentioned it may be different on other systems.

Is there a way to preserve my home connection while accessing the remote server through the VPN? Because when using the VPN my internet access becomes only what is at the end of the tunnel.

This is excellent, but I have a problem, mi internet provider put me in a NAT and I Don have a public IP, is there a solution for my issue?

Many Thanks. Great tutorial and excellent work !

very very goOOod tuto, now i untherstand more what to do, and what i do

Hi enabling natd is preventing me from getting dhcp for my plugins, anyway around that?

Hello. In the common name should I put my public ip address? (in my case it is static) or should I associate the ip to a service like dyndns or noIP?

Awesome guide works like a charm. Thank you

I followed this step by step and got the connection established perfectly. Only problem is as soon as i apply the changes to the tunables, my pi hole wich i run in an VM on the TrueNas stopps working. The vm has a static IP. After tunables changes i cannot use it as a nameserver and the VM itself cannot resolve anymore. any help is welcome, im really stuck at this :/

Thanks you for this amazing guide. Everything works. I have problems with setting up DDNS but turned out I gave my LAN mac address instead of WAN mac address. Thanks again my master! BTW any idea how to add password requirement for openvpn? Is it secure without password?

hi, i am trying to follow your instructions. however i am unable to start the OPENVPN server like you did at 8:05 .. it gives me error "OPENVPN Server service failed to start" .. not sure what is wrong and how to fix this. Would you be able to help me with this please?

Great got it working, many thanks for your video (though I had to put the same entry in to 'Common Name' and 'Subject Alternate Names' :-) Last question...To access through an Android phone...do you just install Openvpn app and drop a ovpn file?

Quero agradecer pelo excelente material. E também pela resposta rápida a uma duvida técnica minha. O detalhe que ele sempre atribuía o mesmo ip para qualquer conexão.

I think it was done on purpose, but what is the public IP address shown in the OpenVPN connect software. I’ve been struggling to get this to work and while I am in a unique double NAT scenario (so port forward on both router and router/modem combo) I am wondering if this setup will work if you are connect from an IP outside of the 192.168.x.x range. I was able to connect to my trueNAS remotely using openVPN configured on my router, but I want to figure out how to use the trueNAS service. To clarify, I no longer am running the openVPN configuration on my router, so that is not the problem. Furthermore, does having uPNP enabled or disabled have any bearing on if this setup will work?

in 24:04, what means allow the client to connect to the entire subnet

i can connect to the network (with correct IP), can open the truenas UI in browser on the remote machine, i can kind of access truenas with its IP, but i can't access the shares via win explorer, all accounts return "wrong credentials".... what could be the problem?

Would you have a dns step by step tutorial for this exact video?

Thanks for this tutorial! I hit a bit of a snag during it however. Around 18:10 I added the Static Route, and immediately my web UI crashed. I am now unable to connect to it through the web, and my previously working OpenVPN connection is now down as well. Interestingly, my SMB share and FTP processes are still functioning. I've been looking for a few hours on a fix besides connecting a monitor and keyboard straight to the server. Anyone have advice on how to fix it?

Thank you for the tuturial! Works like a charm..but I’m now having problems with installed plugins (Plex and qbittorrent) - it seems both services cannot access the internet anymore. Can it be because of added static route / tunnables entries?

This is a great tutorial, saved me much hair pulling. Now, not to be greedy, but do you have any idea how to add 2FA to the mix? I have some users who can't help themselves and keep getting spyware on their personal computers, so I don't feel at all comfortable about govong ANY of them access to the file server without 2FA of some sort. Any advice you (or anyone else reading this) could give would be greatly appreciated.

Many thanks for the video, this worked perfectly once I worked out a network peculiarity out with our wireless network provider. I found there IP address not my address inside there network.

I have a VPN at home, and my TrueNAS is remote. I want TrueNAS to connect as a client to my already existing VPN here. Is this possible? Every video and tutorial seem to want the truenas side to have the VPN.

Nicely done! I followed the steps and got it working. But i cannot seem to connect to the internet while connected to the VPN. How do i make that happen? I have a pihole as my DNS set up and i would like to use it "on the got". Also i would not like to have to switch between network access and internet access.

MAAAAAN!!! You are Legend. Thank you

Hello, I come back today to try to get an help with cert expiration date is done. So now i tried to remove Old OpenVPn_root _CA and OpenvPN_server certs and it's always impossible even nothing else on TN13 core than Openvpn was using these certs. So how can i manage a clean deletion to restart from scratch your tutorial ? Thanks in advance for your time

on Truenas Scale, what is the Tunable's equivalent? What I found in the system/advance/ is systcl. Any help is apprecicated

wow, big kudos!! the only thing i had to change was the network interface. it is igc0 for me (tunable natd_interface) worked out of the box! thank you so much!!! i never ever could make this on my own.

Thanks so much for the tutorial! Was wondering if you could do one for TrueNas SCALE. I got as far as the tunables, which is not available on SCALE. As a result, in testing this from my office, I can connect to my home TrueNas VPN, and access the TrueNas server itself, but nothing else on my home network. While connected, I have no internet, but can still access all of the devices on my office LAN. Any idea how to fix that on SCALE?

I am trying to set it up on Truenas Scale right now. But I do not know where or how to set up the tunables. I am able to connect to the OpenVPN but I am not getting any axess to the network itself. Any ideas?

Quick question: Is this series of steps also what one needs to do if one has chosen the plugin OpenVPN, or is this for a manual installation of an OpenVPN server via panels and webpages in the TrueNAS CORE WebUI? I have set up an OpenVPN server using the plugin that is available. I see how to enter a shell for this OpenVPN that is running in a jail from the plugin I installed. Since this OpenVPN server from the plugin is running in a jail, will I need to do all the configuring by command line in that shell?

Could you tell me where can I find this tunable on Truenas Scale please?

Thanks for this video. I am having an issue though. When I set up the additional parameters in OpenVPN server, add the static route and the tuneables as you describe them in the video i'm able to access everything in my network flawlessly. The issue, though, is when I'm back on my LAN the TrueNAS server becomes completely unstable. I mostly can write to the samba fine, but can't read files and the GUI takes minutes to load if it will load at all. I do video editing from the TrueNAS and Final Cut Pro will lock up for several minutes and then crash. If I can get the GUI to load long enough to let me disable the Tuneables and reboot things recover and work as expected but then I'm no longer able to reach other services in my network have you experienced something like this before?

Help! my clients have different certificates but get the same ip addresses (192.168.1.2) when connecting to openvpn. What to do?

Would this only route traffic to the local network or would the public ip of the remote device also change?

Just to add: i followed you tutorial and i went well, i was able to rdp in to my pc and acess my nas, but, after a reboot, my webui completly broke and truenas froze from inside out (like, literally, not even the console responded correctly). I managed to follow the problem to tunables, not sure what, but one of those configs caused the issue. Reinstalled and didnt put those in, i can acess the nas over vpn, but not the rest of local network, too afraid to brick stuck again.

If you have more than 1 nics, say 2 nics 1 for internet, 1 for lan only... in tunables, do you make 2 entries 1 for each nic? I want to pass vpn access to my private non-internet network.

Can I use OpenVPN client on my phone and access the TrueNAS?