Old_Codger DD-WRT Novice
Joined: 02 Aug 2017 Posts: 29 Location: Cambridge, UK and Rouen, France
Posted: Wed Aug 09, 2017 20:21 Post subject: DHCP Gateway not surviving trip across VPN bridge (TAP)
I've kept on persevering with this but I really do need help.
Reminder:
All connections are wired. For now WiFi is off.
I want to BRIDGE to my home router.
• Home (Primary) Server is a Netgear R7000 running the stock Netgear firmware (latest version 1.09) – it has an OpenVPN server on it which I am connecting to as a Bridge / TAP
• NB: There are no configuration options for the Netgear implementation of OpenVPN – I can change the port and choose TAP or TUN.
• IP address is 192.168.0.2/24 (watch the IP address, it's the wrong way round for most setups!) DHCP scope 192.168.0.3 to .99
• This connects direct to my cable modem which is a dumb modem – not configured as a router.
Remote/Secondary router: TP-LINK running DD-WRT Firmware: DD-WRT v24-sp2 (03/25/13) std running DD-WRT OpenVPN Client
IP address 192.168.0.1 - connects via a remote ISP's router – intermediate network is 192.168.10.0/24
I have successfully created the bridge and browse my network at the primary end no problem. I can’t however get off the network onto the internet at that end – and I need to.
I know I have a connection as devices at the remote/secondary end get an IP address in the home scope – but the gateway address is missing from client devices at the secondary end and nothing I have been able to do has been able to fix this.
This illustrates what I mean: (From a Windows 10 laptop connected to the secondary router)
> Ipconfig /all
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 2C-60-0C-47-10-5E
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2197:6f71:cfe3:c4a4%6(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 09 August 2017 21:36:17
Lease Expires . . . . . . . . . . : 10 August 2017 21:36:17
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.0.2
DHCPv6 IAID . . . . . . . . . . . : 53239820
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-44-E2-D9-2C-60-0C-47-10-5E
DNS Servers . . . . . . . . . . . : 192.168.0.2
NetBIOS over Tcpip. . . . . . . . : Enabled
NB: No gateway (same happens on non-Windows devices – not phones BTW)
The OpenVPN log from DD-WRT GUI is:
20170809 20:39:57 PUSH: Received control message: 'PUSH_REPLY route 192.168.0.0 255.255.255.0 route-delay 5 redirect-gateway def1 route-gateway dhcp ping 10 ping-restart 120'
20170809 20:39:57 OPTIONS IMPORT: timers and/or timeouts modified
20170809 20:39:57 OPTIONS IMPORT: route options modified
20170809 20:39:57 OPTIONS IMPORT: route-related options modified
20170809 20:39:57 ROUTE_GATEWAY 192.168.10.1/255.255.255.0 IFACE=vlan2 HWADDR=f8:1a:67:5a:ce:41
20170809 20:39:57 I TUN/TAP device tap1 opened
20170809 20:39:57 TUN/TAP TX queue length set to 100
20170809 20:40:02 /sbin/route add -net PUBLICIPHIDDEN netmask 255.255.255.255 gw 192.168.10.1
20170809 20:40:02 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 192.168.0.2
20170809 20:40:02 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 192.168.0.2
20170809 20:40:02 /sbin/route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.2
20170809 20:40:02 I Initialization Sequence Completed
I have HAD to add route-gateway 192.168.0.2 to the config – if I don’t, the gw address defaults to 192.168.0.1!
route-gateway dhcp
doesn’t work (the log complains about no gateway defined via route-gateway!!)
At this point I can browse the primary network but not get off it - most probably because there’s no gateway!
> ping 192.168.0.3
Pinging 192.168.0.3 with 32 bytes of data:
Reply from 192.168.0.3: bytes=32 time=46ms TTL=64
Reply from 192.168.0.3: bytes=32 time=47ms TTL=64
Reply from 192.168.0.3: bytes=32 time=48ms TTL=64
Reply from 192.168.0.3: bytes=32 time=48ms TTL=64
Ping statistics for 192.168.0.3:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 46ms, Maximum = 48ms, Average = 47ms
> ping 8.8.8.8
Pinging 8.8.8.8 with 32 bytes of data:
PING: transmit failed. General failure.
PING: transmit failed. General failure.
PING: transmit failed. General failure.
PING: transmit failed. General failure.
Ping statistics for 8.8.8.8:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
The final point is if I set this Windows laptop to have a fixed IP address with the same data as above but a gateway of 192.168.0.2 everything works as expected.
The bridge is working, DHCP/PING/Browse prove that, so:
Why is the gateway not arriving from the primary network DHCP server?
Or is it arriving and getting deleted somewhere?
What other steps can I try?
This has clearly happened to other people before but there’s no definitive answer.
Here’s my config:
From a 30:30:30 reset!
(TP-LINK/DD-WRT DHCP IS OFF)
Enable OpenVPN CLIENT
SERVER IP/NAME DDNSNAME.ddns.net
PORT 12974
TUNNEL DEVICE TAP
TUNNEL PROTOCOL UDP
ENCRYPTION CIPHER AES-128 CBC
HASH ALGORITHM SHA1
NSCERTTYPE VERIFICATION TICK BOX
ADVANCED OPTIONS ENABLE
TLS CIPHER AES-128 SHA
LZO COMPRESSION ADAPTIVE
NAT DISABLE
BRIDGE TAP TO BR0 ENABLE
ADD TO ADDITIONAL CONFIG
verb 5
mute 10
route-gateway 192.168.0.2
CA CERT
-----BEGIN CERTIFICATE-----
SNIP
-----END CERTIFICATE-----
PUBLIC CLIENT KEY
-----BEGIN CERTIFICATE-----
SNIP
-----END CERTIFICATE-----
PRIVATE CLIENT KEY
-----BEGIN RSA PRIVATE KEY-----
[[snip]]
-----END RSA PRIVATE KEY-----
Thank you in anticipation
=======
Old_Codger
_________________
=========
Old_Codger
Aging geek who learned programming on Intel 8080 and Motorola 6502.
|
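The `/sbin/route add` lines in the log above are applied to the DD-WRT router's own routing table, while a bridged client only has what its DHCP lease gave it. The following is an added example, not part of the original post: it runs a longest-prefix-match lookup over the routes from the log and over the laptop's table, which is assumed from the ipconfig output to hold only the on-link 192.168.0.0/24, and over the fixed-IP setup the post reports as working.

```python
import ipaddress
import re

# Route lines copied from the OpenVPN log in the post (timestamps dropped).
ROUTER_LOG = """\
/sbin/route add -net PUBLICIPHIDDEN netmask 255.255.255.255 gw 192.168.10.1
/sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 192.168.0.2
/sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 192.168.0.2
/sbin/route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.2
"""

ROUTE_RE = re.compile(r"route add -net (\S+) netmask (\S+) gw (\S+)")


def parse_routes(log):
    """Return [(network, gateway)] for every 'route add' line with a real address."""
    routes = []
    for dest, mask, gw in ROUTE_RE.findall(log):
        try:
            net = ipaddress.ip_network(f"{dest}/{mask}")
        except ValueError:  # redacted destination such as PUBLICIPHIDDEN
            continue
        routes.append((net, gw))
    return routes


def lookup(table, target):
    """Longest-prefix match: the gateway used, or None when no route covers target."""
    addr = ipaddress.ip_address(target)
    matches = [(net.prefixlen, gw) for net, gw in table if addr in net]
    return max(matches)[1] if matches else None


# Assumption from the ipconfig output: address 192.168.0.15/24, no default gateway.
LAPTOP_DHCP = [(ipaddress.ip_network("192.168.0.0/24"), "on-link")]
# The same laptop with the fixed-IP settings the post reports as working.
LAPTOP_STATIC = LAPTOP_DHCP + [(ipaddress.ip_network("0.0.0.0/0"), "192.168.0.2")]

if __name__ == "__main__":
    router = parse_routes(ROUTER_LOG)
    for name, table in (("router", router), ("laptop (DHCP)", LAPTOP_DHCP),
                        ("laptop (static)", LAPTOP_STATIC)):
        for target in ("192.168.0.3", "8.8.8.8"):
            print(f"{name:16} {target:12} -> {lookup(table, target)}")
```

The two /1 routes that `redirect-gateway def1` installs cover the whole IPv4 space on the router, but none of them reaches the laptop: its lookup for 8.8.8.8 returns no route, which matches the "transmit failed. General failure." ping output.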
Old_Codger DD-WRT Novice
Joined: 02 Aug 2017 Posts: 29 Location: Cambridge, UK and Rouen, France
Posted: Thu Aug 10, 2017 19:48 Post subject:
Bump.
Folks, if I'm asking in the wrong place could someone point me in the right direction please?
It is extremely unusual that a gateway doesn't get assigned - and I suspect it will take the sort of minds that live around here to sort this (even if it's only to tell me to stop being an idiot and set x to y.....)
Thanks in anticipation...