Truenas 13, Wireguard, and NAT routing. What words do I need to know?

It seems impossible that this hasn’t already been addressed somewhere, but I haven’t been able to find it.

Disclaimer: BSD newbie. My goal is to host a wireguard server on my truenas 13 box. The official documentation worked great and I’ve got my remote device connecting to the server.

https://www.truenas.com/docs/core/coretutorials/network/wireguard/

My past experience with wireguard has been in linux, so I’m used to POSTUP and POSTDOWN sections that make iptables changes to give the wireguard client access to the wider internet.

I’ve made it as far as knowing that network configuration happens in rc.conf, BUT any direct changes to rc.conf in truenas 13 get overwritten at boot. I think the tunables GUI is the persistent way to make changes to rc.conf, but whoooo boy any references I’ve found would be a bear to enter that way.

Is what I’m trying to do just not a thing in Truenas Core? The easiest solution would be a separate, dedicated linux box. That would have the additional benefit of being able to reboot my NAS without affecting wireguard and would be a convenient launch point for sending out magic packets for WOL.

I’m hoping there are some magic words that I can google and find this problem already solved by someone more experienced than I. Confirmation that this is not a thing that is done in Truenas would be equally appreciated.

I’d say that a NAS is not a firewall/router/gateway and to my knowledge it doesn’t come with a firewall enabled by default so there’s nothing to “fix”.

1 Like

I took a different approach and created a little tiny alpine vm. This is the guide I followed, it ended up being a very pleasant process.

https://wiki.alpinelinux.org/wiki/Configure_a_Wireguard_interface_(wg)