Hi I currently am running a system running truenas this is a brand new installation with no data on as of yet the hardware is
I56400
16gb ddr4
6x 3Tb hdd
3x120gb ssd
2x2tb hdd
1x 1tb
It’s all up and running with storage and smb shares I have been playing around with truenas for about two weeks now i have gone and got myself a Ddns service so I can access my home network while away from home but as you can prob tell I’m not 100% on what I’m doing but I feel I’m getting somewhere I can access my pf sense router from the Ddns but can’t seem to access my truenas is there something I need to put after my dddns host name to get to my nas or am I just doing it completely wrong please help as all I want to do is be able to access my files from anywhere I am hope you can help
Good start
Do you mean you can see your routers login page? If so you need to reconfigure your router to not listen on WAN ports.
Once you have completed the previous step, on your router forward the http/https/smb ports to your NAS IP and you should be done.
@judahnator has some good points. I would say that if you can take the time to learn it use the HAProxy plug-in for pfSense rather than port forwarding as it is much more scalable and once you get the hang of it provides a lot of secondary features that you can eventually take advantage of.
You definitely need to fix the pfSense listening on WAN though as that is how you get a compromised router.
Don’t do that. VPN back to your home network.
You can spin up a lightweight Linux VM on TrueNAS and configure it as a PiVPN server
Forward the Wireguard port to your VM, create some connection profiles, and you’re all done.
Direct access is not a good approach.
Since you’re using truenas ( I am assuming not truenas scale) you can “jail” a vpn-service - forward those ports from the router to the server, and then configure the access portions.
In short - you’re closing in on “DMZ” land, but you should think about;
Authorization:
- Access control (ie, have something in the way that does not make it direct access)
- Region control (geographically)
- Block unauthorized access
Authentication (ie, verifying that who ever tries to access, got access).
Things to consider from my point of view;
What can your router assist you with?
What can your truenas installation assist you with?
Do you need additional “lego blocks” to ensure the right kind of access?
Will you serve any public content - how is that divided from your private content?
etc etc.
In short - if you write out what you want - there’s a good chance there’s assistance in what parts can help you.