Can't access apps after setting up OpenVPN Client

mr-elephant

Cadet
Joined
Oct 9, 2022
Messages
3
I have been trying to direct all of my NAS web traffic through a VPN to avoid having to connect separately through each individual app. To achieve this, I have configured the OpenVPN client that is built into TrueNAS SCALE to connect with a VPN provider called Mullvad VPN. I have confirmed through the TrueNAS shell that the VPN connection is working correctly. However, after setting up the VPN client, I have lost access to all of my apps. Whenever I try to open the shell of any app, I get an error message that reads:

Error from server: error dialing backend: x509: certificate is valid for 127.0.0.1, 0.0.0.0, 192.168.1.10, not 10.15.0.32

I am not sure why the apps are now picking up the IP address as 10.15.0.32. I'm certain that I must be missing something here, so would appreciate any help!
 

Geso71

Cadet
Joined
Jun 17, 2023
Messages
5
This is because in the certificate the subject name has to be the same as the IP you are accessing remotely. To do this, try these steps...

1. Go to duckdns.org and get a domain for free

2. Add a cron job (the duckdns site will guide you) to your TrueNAS and make it run every 5 minutes (this will ensure that the maximum downtime will be 5 minutes) [I assume that your ISP gives you a dynamic external IP]

3. Create 1 Certificate Authority for OPENVPN (subject name = domain you reserved from duckdns.org)

4. Create 1 Certificate with issuer the Certificate authority you previously created, profile --> OPENVPN_SERVER and again subject name = domain you reserved from duckdns.org

5. Create 1 Certificate with issuer the Certificate authority you previously created, profile --> OPENVPN_Client and again subject name = domain you reserved from duckdns.org

6. Add the following configuration to your OpenVPN
Screenshot 2023-06-19 at 10.37.14 PM.png

replace 10.11.5.0/24 (with your VPN LAN)
replace 10.11.1.0/24 (with your physical LAN)

The push route is very important as it makes all your other TrueNAS SCALE apps accessible remotely.
The duplicate-cn makes it possible to support more than one VPN connection at a given time.

7. Download client config with OpenVPN_Client Certificate

8. (IMPORTANT!!!!)
Open the config with a text editor and replace the ip field with your domain from duckdns.org

9. Drag and drop to OpenVPN Application in your remote machine and it should work

10. Also make sure you have port-forwarded the port in the OpenVPN config (in my case 3015) in your router (easier) or you have set up a reverse proxy (harder)

If any problem persists, post it here.
Hope you find this helpful.
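
A small diagnostic for the x509 error quoted in the first post, added here as an illustration and not part of either poster's message: it parses the error, checks the rejected address against the certificate's listed names, and looks the address up in an interface table. The interface names and prefixes (`enp3s0`, `tun0`, the `/16`) are constructed sample values, not taken from the thread.

```python
import ipaddress
import re

# The error text quoted in the first post.
ERROR = ("Error from server: error dialing backend: x509: certificate is valid "
         "for 127.0.0.1, 0.0.0.0, 192.168.1.10, not 10.15.0.32")

# Constructed interface table (assumption); on a real host, build it from `ip -o addr`.
INTERFACES = {
    "lo": "127.0.0.1/8",
    "enp3s0": "192.168.1.10/24",
    "tun0": "10.15.0.32/16",
}

_X509_RE = re.compile(
    r"x509: certificate is valid for (?P<sans>.+?), not (?P<dialed>\S+)")


def _name(value):
    """Normalise a SAN entry: IP objects for addresses, lowercase text for DNS names."""
    value = value.strip()
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return value.lower()


def parse_x509_mismatch(message):
    """Return (list of names the certificate covers, name that was dialed)."""
    m = _X509_RE.search(message)
    if m is None:
        raise ValueError("not an x509 name-mismatch error")
    return [_name(s) for s in m.group("sans").split(",")], _name(m.group("dialed"))


def diagnose(message, interfaces):
    """Report whether the dialed address is covered and which interface owns it."""
    sans, dialed = parse_x509_mismatch(message)
    owner, covered = None, []
    for ifname, cidr in interfaces.items():
        addr = ipaddress.ip_interface(cidr).ip
        if addr == dialed:
            owner = ifname          # interface holding the rejected address
        if addr in sans:
            covered.append(ifname)  # interface whose address the cert does list
    return {"dialed": str(dialed), "in_san": dialed in sans,
            "dialed_interface": owner, "interfaces_in_san": sorted(covered)}


if __name__ == "__main__":
    print(diagnose(ERROR, INTERFACES))
```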
 