Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

Access from different subnet

Joined
Jul 6, 2019
Messages
8
I have latest version installed (FreeNAS-11.2-U5) and I access it fine from local, but I can not access it from VPN and other subnets.
For example I am trying to access freenas (192.168.10.32) from 192.168.20.25.
Any idea what should I do?

I have VPN with 3 locations all on different subnets:
  • 192.168.0.xxx
  • 192.168.10.xxx
  • 192.168.20.xxx
Code:
Hardware specs
Processor: AMD Turion(tm) II Neo N40L Dual-Core Processor (2 cores)
Memory: 8 GiB
Network: bge0:
IP Address: 192.168.10.32
Aliases:
Default Routes: 192.168.10.1
Name Servers: 8.8.8.8 , 8.8.4.4 , 8.8.8.8 , 8.8.4.4
 

melloa

FreeNAS Expert
Joined
May 22, 2016
Messages
1,678
I have VPN with 3 locations all on different subnets:
  • 192.168.0.xxx
  • 192.168.10.xxx
  • 192.168.20.xxx
Not really a FreeNAS configuration issue. I have three subnets plus VPN @ home and all is configured as rules inside my router.
 
Joined
Jul 6, 2019
Messages
8
It is FreeNAS configuration issue. I have access among all other devices across all subnets. Network is working fine.
 

SweetAndLow

Sweet'NASty
Joined
Nov 6, 2013
Messages
5,897
Freenas has nothing to do with your subnet, it doesn't even care what subnet it is on. It's not freenas.

Can you ping your gateway, can you ping freenas? Can you access anything else on the subnet that freenas is on?
 

kdragon75

FreeNAS Expert
Joined
Aug 7, 2016
Messages
2,418
Double check your default gateway and subnet mask. Routing is all done by your router and vpn appliance.
 
Joined
Jul 6, 2019
Messages
8
Where can I find that in new interface?
Maybe it is problem with subnet mask...

On other computers everything is working fine accross all subnets.
 

Redcoat

FreeNAS Expert
Joined
Feb 18, 2014
Messages
1,214
You can ssh in, or use Shell, and run /etc/netcli to get to the Console menu.
 
Joined
Jul 6, 2019
Messages
8
It is freeNAS issue. Found info here http://prntscr.com/oe75zv
It should have 192.168.10.32/16 instead 192.168.10.32/24 (current, default setup).
I am not very comfortable whit ssh. and I am unable to find how to change this in GUI.
Maybe I am missing something?
 

Elliot Dierksen

FreeNAS Guru
Joined
Dec 29, 2014
Messages
718
I am unable to find how to change this in GUI.
Network -> Interfaces. Edit the applicable interface and change the subnet mask.
 

kdragon75

FreeNAS Expert
Joined
Aug 7, 2016
Messages
2,418
So your using tap style vpn and not tun?
 

jgreco

Resident Grinch
Moderator
Joined
May 29, 2011
Messages
11,818
It is freeNAS issue. Found info here http://prntscr.com/oe75zv
It should have 192.168.10.32/16 instead 192.168.10.32/24 (current, default setup).
I am not very comfortable whit ssh. and I am unable to find how to change this in GUI.
Maybe I am missing something?
A /16 netmask that covers multiple subnets suggests that you have a network design error.

You can change the netmask on your FreeNAS system by going to Network, Interfaces, picking the interface in question, which will list the current IPv4 and netmask in one of the fields, and then selecting "Edit" from the three-dot menu dropdown in the last column. It will present a screen that includes "IPv4 Netmask" as probably the fourth stanza. But you probably shouldn't do this, and should fix your network instead.

A properly designed network would create a subnet for each location. A "subnet" is not just a range of IP's, but also an appropriate netmask. It limits the broadcast domain as well.

For example, let me build a prototype.

192.168.0.0/24 - New York
192.168.10.0/24 - Chicago
192.168.20.0/24 - Los Angeles

At each site, you would have a router at the ".1" address on the network.

All hosts in New York would be numbered as "192.168.0.xxx" where xxx is in the range 2...254, with a default route pointing at 192.168.0.1.

All hosts in Chicago would be numbered as "192.168.10.xxx" where xxx is in the range 2...254, with a default route pointing at 192.168.10.1.

All hosts in Los Angeles would be numbered as "192.168.20.xxx" where xxx is in the range 2...254, with a default route pointing at 192.168.20.1.

Each router would have a link to the other routers, and an appropriate route for each other router. So

The New York router would have a route pointing 192.168.10.0/24 to the Chicago router, and 192.168.20.0/24 to the Los Angeles router.

The Chicago router would have a route pointing 192.168.0.0/24 to the New York router, and 192.168.20.0/24 to the Los Angeles router.

The Los Angeles router would have a route pointing 192.168.0.0/24 to the New York router, and 192.168.10.0/24 to the Chicago router.

This creates appropriately scoped networks and also places a constraint on the size of the broadcast domain. With a /16, your entire network is a single broadcast domain (and is also a single network, and it is inappropriate to refer to 192.168.0.0/16 and 192.168.10.0/16 and 192.168.20.0/16 as different subnets).
 
Top