I have installed/configured OpenVPN in my firewall pfSense and it has been working OK.
I can access my LAN from OpenVPN clients like Android, Windows and Ubuntu.
Recently I set up a NFS share towards my Synology NAS and discovered that I can not access the shares from my clients when running OpenVPN.
How can this be solved?
My knowledge in OpenVPN is limited ...
NFS mount
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
- Pippin
- Forum Team
- Posts: 1201
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: NFS mount
Hi,
Does the NAS user have the right to access NFS shares?
Did you allow the traffic in it's firewall?
Have you tried disabling it's firewall?
.
Does the NAS user have the right to access NFS shares?
Did you allow the traffic in it's firewall?
Have you tried disabling it's firewall?
.
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp
Halton Arp
-
- OpenVpn Newbie
- Posts: 19
- Joined: Sat Jul 20, 2013 2:39 pm
Re: NFS mount
When I connect my Ubuntu laptop to the office LAN (where NAS is also connected) then laptop users can access NFS share (read/write priv).
But when the laptop is outside office and is connected with OpenVPN then users can access everything in the office LAN except NFS shares.
Strange thing is that Windows11 clients outside office can connect to the NAS shares ... I guess because Windows11 use SMB protocol and not NFS.
As I understand it is i OpenVPN & NFS issues ...
But when the laptop is outside office and is connected with OpenVPN then users can access everything in the office LAN except NFS shares.
Strange thing is that Windows11 clients outside office can connect to the NAS shares ... I guess because Windows11 use SMB protocol and not NFS.
As I understand it is i OpenVPN & NFS issues ...
- Pippin
- Forum Team
- Posts: 1201
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: NFS mount
Hi,
It still sounds like a firewall issue.
Check your pfSense rules.
Support for pfSense is here:
https://forum.netgate.com
And have you tried my suggestions above?
.
It still sounds like a firewall issue.
Check your pfSense rules.
Support for pfSense is here:
https://forum.netgate.com
And have you tried my suggestions above?
.
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp
Halton Arp
-
- OpenVpn Newbie
- Posts: 19
- Joined: Sat Jul 20, 2013 2:39 pm
Re: NFS mount
I don't think it is a firewall issue since Windows OpenVPN clients works OK with the NAS Shares.
You asked following:
In NAS I have specified which hosts have access rights to its shares.
The OpenVPN Server runs inside pfSense as a module.
I still belive that it is a NFS & OpenVPN issue ...
You asked following:
NAS users have nothing to do with NFS mount.Does the NAS user have the right to access NFS shares?
In NAS I have specified which hosts have access rights to its shares.
Yes ... since Windows OpenVPN clients can access the NAS Shares.Did you allow the traffic in it's firewall?
Don't quite understand what you mrean.Have you tried disabling it's firewall?
The OpenVPN Server runs inside pfSense as a module.
I still belive that it is a NFS & OpenVPN issue ...
- ordex
- OpenVPN Inc.
- Posts: 444
- Joined: Wed Dec 28, 2016 2:32 am
- Location: IRC #openvpn-devel @ libera.chat
Re: NFS mount
To figure this out I'd suggest to take some traffic dump on the openvpn server (pfSense?) so that you can see whether packets are being dropped or not.
You said that Windows is probably using SMB (very likely) while the others are using NFS. The two protocols may be subject to different firewalls rules, especially because NFS by itself does not normally come with any authentication method, therefore having it blocked by default at the firewall level might be a reasonable setting.
To OpenVPN both protocols look the same, because OpenVPN does not try to differenciate them in any way.
You said that Windows is probably using SMB (very likely) while the others are using NFS. The two protocols may be subject to different firewalls rules, especially because NFS by itself does not normally come with any authentication method, therefore having it blocked by default at the firewall level might be a reasonable setting.
To OpenVPN both protocols look the same, because OpenVPN does not try to differenciate them in any way.