Posted: Sat Apr 28, 2018 13:13 Post subject: Connected to L2TP VPN server, but no internet access
Hi all,
I have the following configuration, but can't get internet access.
192.168.0.1 - main router with internet access
192.168.1.1 - DD wrt router Firmware: DD-WRT v3.0-r27600 std (08/11/15) installed on a TP-Link TL-WR740N v4
this is the routing table:
Destination LAN NET Subnet Mask Gateway Flags Metric Interface
default 0.0.0.0 192.168.1.1 UG 0 LAN & WLAN
8.8.4.4 255.255.255.255 192.168.0.1 UGH 0 WAN
8.8.8.8 255.255.255.255 192.168.0.1 UGH 0 WAN
31.14.XXX.XXX 255.255.255.255 192.168.0.1 UGH 0 WAN
169.254.0.0 255.255.0.0 * U 0 LAN & WLAN
192.168.0.0 255.255.255.0 * U 0 WAN
192.168.1.0 255.255.255.0 * U 0 LAN & WLAN
192.168.1.1 255.255.255.255 * UH 0 ppp0
212.56.129.228 255.255.255.255 192.168.0.1 UGH 0 WAN
The DDWRT router is connected to the main router with an Ethernet cable that is plugget to the WAN port in the DDWRT router and in port 1 in the main router.
When I am connected to the Softehter L2TP VPN server the WAN IP in the DDWRT router is 192.168.1.1 - I would expected this to be the same IP of the VPN server.
IWhen I am connected to the DDRT router I don't have any internet access and I just get the message resolving host and a traceroute goes always timeout.
The following can't be correct if you're suggesting that 192.168.1.1 is the WAN ip of the dd-wrt router.
192.168.0.1 - main router with internet access
192.168.1.1 - DD wrt router Firmware: DD-WRT v3.0-r27600 std (08/11/15) installed on a TP-Link TL-WR740N v4
The WAN ip *must* be in the same local IP network as the primary router since that ethernet port lies within the primary router's ethernet segment. IOW, it should be something in the 192.168.0.x range, something other than 192.168.0.1, since that's already used by the primary router (e.g., 192.168.0.2).
That routing table looks a bit odd too.
The following route shows that 192.168.1.x is bound to the local IP network (LAN side) of the dd-wrt router.
192.168.1.0 255.255.255.0 * U 0 LAN & WLAN
But the following route ...
192.168.1.1 255.255.255.255 * UH 0 ppp0
... shows that 192.168.1.1 is bound (presumably) to the VPN (ppp0). IOW, it *appears* as if the VPN and the local network are both using the same local IP network (192.168.1.x). And if that's the case, the VPN won't work. Every network assigned to every network interface must be unique and non-overlapping.
To make things even more confusing, the following ....
default 0.0.0.0 192.168.1.1 UG 0 LAN & WLAN
... suggests the VPN changed the default route to 192.168.1.1 (it would normally be 192.168.0.1, assuming that's the LAN ip of the primary router), but the network interface is NOT ppp0 (as I would have expected), but instead the local network interface (LAN & WLAN).
It's always difficult to know precisely what the routing table is telling you when you have limited information. For example, I don't know what to expect in terms of routing information pushed from the Softether server, whereas you probably do. I can only draw inferences from what I see in the routing table, and make educated guesses. And I have to rely on having correct information in your description.
Anyway, all I can really say at this point is that some things don't look right or make sense in that routing table. But I can't be sure if it's a misconfiguration by you, or my misinterpreting the routing table, or some combination of the two.
Hi eibgrad,
thanks for your post.
The ddwrt router has now IP 192.168.0.100 while the primary router is still 192.168.0.1.
The new routing table is the following:
Destination LAN NET Subnet Mask Gateway Flags Metric Interface
default 0.0.0.0 192.168.0.100 UG 0 LAN & WLAN
1.0.0.1 255.255.255.255 * UH 0 ppp0
8.8.4.4 255.255.255.255 192.168.0.1 UGH 0 WAN
8.8.8.8 255.255.255.255 192.168.0.1 UGH 0 WAN
31.14.XXX.XXX 255.255.255.255 192.168.0.1 UGH 0 WAN
169.254.0.0 255.255.0.0 * U 0 LAN & WLAN
192.168.0.0 255.255.255.0 * U 0 LAN & WLAN
192.168.0.0 255.255.255.0 * U 0 WAN
192.168.0.100 255.255.255.255 * UH 0 ppp0
212.56.129.228 255.255.255.255 192.168.0.1 UGH 0 WAN
The Softether VPN server has been working for years and if I connect directly to it without passing by the DDWRT router it works as expected.
This is the Status -> WAN page:
Configuration Type
Connection Type L2TP
Login Status Connected
Connection Uptime 0:05:38
IP Address 192.168.0.100
Subnet Mask 0.0.0.0
Gateway 1.0.0.1
DNS 1 8.8.8.8
DNS 2 8.8.4.4
DNS 3 192.168.30.1
I don't get why the WAN IP is 192.168.0.100. Is it supposed to be the same as the IP of the VPN server?
Under Setup -> Advanced Routing -> Operating Mode is set to Gateway. Is this correct or do I have to select any other option?
thanks for all your suggestions, but at the very end I solved in a different way.
I realised that the original firmware of my cheap router TP-LINK WR740N has a L2PT client integrated and in no time I achieved what I was looking for without making any change to my VPN server or looking into the routing table or any other setting.