OpenVPN server - devices not accessible

☆ Ricky ☆
DD-WRT Novice


Joined: 22 May 2013
Posts: 12

Posted: Sat Sep 16, 2017 13:03    Post subject: OpenVPN server - devices not accessible
Hello,

I set up an OpenVPN server on my DD-WRT and I'm able to connect from my phone to my VPN, connect to the internet using my home IP, and access the DD-WRT's configuration page (192.168.0.1) and the Sipura SPA 3102 (ATA)'s configuration page (192.168.0.6)

BUT

My second DD-WRT router, configured as a bridge, is not accessible when typing 192.168.0.2 in my browser. Same thing for my NAS (192.168.0.5), whereas I can access both directly without using my VPN.

That's strange...

Here's my OpenVPN server configuration :





And my phone's configuration :

Code:

client
dev tun
proto udp
remote ip.richard.ooo 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3

<ca>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN PRIVATE KEY-----

-----END PRIVATE KEY-----
</key>


Under administration - shell I added this :



Can someone help me please ?

Thanks !
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6870
Location: Romerike, Norway

Posted: Sat Sep 16, 2017 13:12
Do 192.168.0.2 and 192.168.0.5 have 192.168.0.1 as gateway?
☆ Ricky ☆
DD-WRT Novice


Joined: 22 May 2013
Posts: 12

Posted: Sat Sep 16, 2017 13:16
Yes they are connected on the same EA6500 router which is also the DHCP server
mrjcd
DD-WRT Guru


Joined: 31 Jan 2015
Posts: 6291
Location: Texas

Posted: Sat Sep 16, 2017 16:36
If 2nd router is config as repeater bridge that may be the problem.
Not sure about details but routing from tun to RB on the LAN can cause trouble....
You can look on your main router at LAN connections and likely see weird things about the RB and anything connected behind it.
Repeater Bridge is not a good solution to bridge wirelessly
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6870
Location: Romerike, Norway

Posted: Sat Sep 16, 2017 16:44
Change the nat rule:

iptables -t nat -I POSTROUTING -o `get_wanface` -j MASQUERADE
☆ Ricky ☆
DD-WRT Novice


Joined: 22 May 2013
Posts: 12

Posted: Sat Sep 16, 2017 17:35
mrjcd wrote:
If 2nd router is config as repeater bridge that may be the problem.
Not sure about details but routing from tun to RB on the LAN can cause trouble....
You can look on your main router at LAN connections and likely see weird things about the RB and anything connected behind it.
Repeater Bridge is not a good solution to bridge wirelessly


There are only a computer and a PS3 on the second router. The NAS is directly connected on first router.

Per Yngve Berg wrote:
Change the nat rule:

iptables -t nat -I POSTROUTING -o `get_wanface` -j MASQUERADE


I deleted my NAT rules and added this line, it helped me access my second router (192.168.0.2). I still cannot access my NAS.
☆ Ricky ☆
DD-WRT Novice


Joined: 22 May 2013
Posts: 12

Posted: Sun Sep 17, 2017 18:55
It seems I'm not the only one and it's related to Synology...

https://forum.synology.com/enu/viewtopic.php?f=173&t=122075&start=30#p473608

Quote:
Okay, solved. My own fault really. So my setup is a little complex. The router has 3 endpoints:

1. WAN (standard unencrypted traffic)
2. London VPN client - using a VPN provider to route some traffic out to the web encrypted/anon.
3. Swedish VPN client - using a VPN provider to route some traffic to a Swedish VPN endpoint.

I use policy-based routing so that different traffic goes out a different way. Some basic traffic (my IoT devices, lightwaveRF etc) goes straight out over the WAN. Most traffic from my laptops and phones goes out to #2, which gives me encryption and anonymity from my ISP, but without messing up my Geo-Location. All traffic from my NAS (which runs Sickrage, Couchpotato and DS Download) goes out over #3, so that my torrent searches work properly (since UK ISPs block torrent sites).

So you know what's coming... when I connect in via my OpenVPN server on the router, I'm coming in directly over the WAN, and not through either VPN pipe. But all the NAS traffic gets force-routed out over the VPN client to Sweden, so is whisked away and never makes it back out via the VPN server.

Added a couple of exception rules so that traffic with source/dest of 10.8.0.0/24 will be routed back out over the WAN, and I'm up and running.


I use ExpressVPN and force my NAS to use the VPN (policy based routing : 192.168.0.3/32); it seems it could explain the problem.

Quote:
Added a couple of exception rules


Can you help me with this ?


Last edited by ☆ Ricky ☆ on Sun Sep 17, 2017 19:26; edited 2 times in total
mrjcd
DD-WRT Guru


Joined: 31 Jan 2015
Posts: 6291
Location: Texas

Posted: Sun Sep 17, 2017 19:11
☆ Ricky ☆ wrote:
It seems I'm not the only one and it's related to Synology...

https://forum.synology.com/enu/viewtopic.php?t=122075


Must have some type firewall builtin ????
Might check into that and open the ovpn server's IP range to it.
or
probably work fine if you were running an ovpn server
on a WAP somewhere within your network.
☆ Ricky ☆
DD-WRT Novice


Joined: 22 May 2013
Posts: 12

Posted: Sun Sep 17, 2017 19:31
See the latest posts.
☆ Ricky ☆
DD-WRT Novice


Joined: 22 May 2013
Posts: 12

Posted: Tue Sep 19, 2017 18:52
Sorry but I still have the same problem and don't know what to do in order to access my Synology NAS using the OpenVPN server...
☆ Ricky ☆
DD-WRT Novice


Joined: 22 May 2013
Posts: 12

Posted: Thu Sep 21, 2017 17:51
Hello,

My NAS wasn't available because it was set to connect to internet via ExpressVPN (I used policy based routing). I've disabled it and can now access my Synology's configuration page.

But now how can I continue to use ExpressVPN with my NAS but make it accessible from other devices on my LAN ?

Thanks
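
The failure diagnosed in this thread, and the "exception rules" fix from the quoted Synology post, modelled as Linux policy-routing rule evaluation. This is an added example, not part of the original thread: the interface names (`tun1`, `tun2`, `br0`, `wan`), the table name `vpn`, the rule priorities and the use of 10.8.0.0/24 as the OpenVPN server subnet are assumptions, and the tables are a constructed model.

```python
import ipaddress

ANY = "0.0.0.0/0"

# Constructed model of the router's routing tables (names are assumptions).
TABLES = {
    "main": [("192.168.0.0/24", "br0"),   # LAN bridge
             ("10.8.0.0/24", "tun2"),     # OpenVPN server subnet (assumed)
             (ANY, "wan")],               # default route via the ISP
    "vpn": [(ANY, "tun1")],               # provider tunnel: default route only
}

# (priority, from, to, table); lower priority numbers are evaluated first.
RULES = [
    (200, "192.168.0.3/32", ANY, "vpn"),  # policy-based routing for the NAS
    (32766, ANY, ANY, "main"),            # standard catch-all rule
]

# Exception: anything addressed to a VPN client is routed by the main table.
# iproute2 equivalent: ip rule add to 10.8.0.0/24 lookup main priority 100
EXCEPTION = (100, ANY, "10.8.0.0/24", "main")


def lookup(rules, tables, src, dst):
    """Return the output device policy routing selects for src -> dst."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, from_net, to_net, table in sorted(rules):
        if src not in ipaddress.ip_network(from_net):
            continue
        if dst not in ipaddress.ip_network(to_net):
            continue
        # Longest-prefix match inside the table this rule points at.
        hits = [(ipaddress.ip_network(net).prefixlen, dev)
                for net, dev in tables[table]
                if dst in ipaddress.ip_network(net)]
        if hits:
            return max(hits)[1]
        # No matching route in that table: continue with the next rule.
    return None


def nas_reply_device(rules):
    """Device used for a NAS reply to a VPN client at 10.8.0.2 (constructed)."""
    return lookup(rules, TABLES, "192.168.0.3", "10.8.0.2")


if __name__ == "__main__":
    print("before:", nas_reply_device(RULES))               # tun1
    print("after: ", nas_reply_device(RULES + [EXCEPTION]))  # tun2
```

With the exception in place, the NAS's Internet traffic still leaves through the provider tunnel; only replies addressed to VPN clients are looked up in the main table.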