Joined: 02 Aug 2017 Posts: 29 Location: Cambridge, UK and Rouen, France
Posted: Tue Sep 19, 2017 20:06 Post subject: I can’t access the DD-WRT HTML GUI once a VPN is made.
I can’t access the DD-WRT HTML GUI once a VPN connection is established.
I am using DD-WRT to create a TAP VPN from a remote location to my network at home.
After a bit of struggle I have got the VPN working.
But I’ve hit an odd problem.
Once the VPN is connected I lose the ability to connect to the Remote (VPN Client) end of the setup.
Everything works fine until the moment the VPN is fully connected.
The client end is the remote end and has the IP address is 192.168.0.1 – the home end is the server and has the IP address 192.168.0.2
(I know this s the reverse of what most people do but it’s the way I set it up and I don’t want to change it unless it’s essential (it seems when I make a change, lots of things break!)
Remote end is a TP-Link N600 box with the last known “release” firmware dated 2013 (i.e. not one of the more recent betas etc.)
Home end is a Netgear R7000 running the Netgear locked down version of OpenVPN server.
Any ideas what might cause it? _________________ =========
Old_Codger
Aging geek who learned programming on Intel 8080 and Motorola 6502.
If TAP is working you should be able to access it.
Are you sure 192.168.0.1 is NOT in DHCP range of whatever is doing DHCP?
IOW, make sure 192.168.0.1 is not picked up by another client before TAP is established.
Also make sure 192.168.0.1 is not in range of TAP server's IPs if using multiple VPN clients.
Joined: 02 Aug 2017 Posts: 29 Location: Cambridge, UK and Rouen, France
Posted: Wed Sep 20, 2017 18:49 Post subject:
mrjcd wrote:
If TAP is working you should be able to access it.
Are you sure 192.168.0.1 is NOT in DHCP range of whatever is doing DHCP?
IOW, make sure 192.168.0.1 is not picked up by another client before TAP is established.
Also make sure 192.168.0.1 is not in range of TAP server's IPs if using multiple VPN clients.
Home (OpenVPN Server DHCP server) has a DHCP scope of 192.168.0.2 to 192.168.0.99
(No static IPS or reservations use .1 )
Remote (OpenVPN Client end) has a DHCP Scope of 192.168.0.100 to 192.168.0.149
all class c (255.255.255.0)
You might like to see the tracert output the first is without VPN active, the second with
Tracing route to DD-WRT [192.168.0.1]
over a maximum of 30 hops:
Joined: 02 Aug 2017 Posts: 29 Location: Cambridge, UK and Rouen, France
Posted: Thu Sep 21, 2017 20:48 Post subject:
[quote="jxm"]
Old_Codger wrote:
Connecting two LAN segments that use the same IP address range is not a good thing to do. Each router is going to deal with traffic intended for the remote router as local traffic because it matches its own subnet and subnet mask. So that traffic is not going to get to the VPN. (Not to mention that one of the router IP addresses is included in one of your DHCP scopes).
To get the VPN to work reliably, you should give each of the two LANS its own unique subnet.
If you change one subnet consider giving the home network an address range that is a little less common than 192.168.0.x. Then you will be less likely to get a conflict if you decide in future to use the VPN to secure a free wifi connection to Starbucks or a hotel.
One other thing, check that the subnet entered in the VPN server setup is completely different to the subnet used by either LAN.
I may have misunderstand something here, if so i apologies. There is no subnet for the VPN - this is TAP. There is no intermediate subnet. The idea is to create one network both sides. I could use different segments but I'd need to amend the mask to put them back on on the same subnet - which defeats the point. _________________ =========
Old_Codger
Aging geek who learned programming on Intel 8080 and Motorola 6502.