VPN Connection Potential Issues
VPN Connection Potential Issues
Hi Guys,
I've recently purchased a VR2800 wifi modem router and I am very much satisfied with it.
Maybe there are some minor issues I cannot manage to addres maybe due to my poor networking knowledge.
When I am on VPN (via OpenVPN) from my android phone everything works as if I am connected from within my home wifi net. I can access my nas server files in read write mode, I can successfully ping and any smart device connected to the network (smart tv, sound system,...) and I even can log in to my wifi extender typing the relevant local lan ip address of the device as if I am at home.
What I cannot do
-login to my vr2800 router management page (403 forbidden error given), even if is pingable.
-use the smart devices from the app on my phone as I would do at home. They actually can't be controlled when on VPN. I can ping them, but I cannot use them.
My local lan ip pool address has been changed from the default one, so there shouldn't be issues relating to ip's conflict. It looks like even if I am in VPN, some apps won't recognise that, even if I can ping the related devices. You can ping them but can't use them. I've also tried to do some port forwarding with no luck. Anyway as I can reach them via ping, there shouldn't be a port issue and that's what I don't understand where the problem is.
Any help from you guys?
thanks in advance
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi,
Please login to the web interface of Archer VR2800 and then enable remote management.
Note: You can go to advanced-system tools-administration-remote management
After that, please check whether you can access it remotely with VPN connected.
Good day.
- Copy Link
- Report Inappropriate Content
Hi Kevin,
thanks for your prompt reply.
I did it already and yes I can login to the router via the remote management tool via VPN as well.
But what I would like to do, when in VPN mode, is to disable the remote management and login to the router as if I am connected from within my home wifi, meaning that I'd like to open a browser and put the router ip address in the address bar, which is what I do when I am at home. If I do that from VPN I get the 403 forbidden error and I don't know why.
At the moment when I want to remotely login to the router I use the remote management tool via dynamic DNS service with no issues at all.
But what I would like to do is to disable the remote management and login to the router when I am in VPN as if I am at home.
thanks
- Copy Link
- Report Inappropriate Content
I have the same issue.
I need to access the router though VPN but without having "remote management" active.
I do not like the idea that by IP or hostname, people are able to see the login page and try to access.
Is there no option to allow VPN guests or VPN users to access management page without having to activate remote management?
It’s a fact that having "remote management" deactivated and connecting to the VPN, the gateway IP for the router is active and pings. Even the local IP pings (192.168.1.1).
It just throws "403 Forbidden" error.
There must be a rule or option. Could this be changed through shell or telnet?
Other market routers have an option to allow VPN users/guests to access the administration page without having to activate remote administration.
Your help would be much appreciated. Thank you.
Firmware Version: 1.6.0.0.9.1 v0001.0 Build 181022 Rel.40644n
Hardware Versiuon TL-MR6400 v3 00000001
- Copy Link
- Report Inappropriate Content
Precisely,
and btw I forgot to mention that I have this issue when in openvpn mode only.
If I set pptp vpn, everything works as expected. That's why I thought there's some misconfiguration from my side.
Where's the reason behind they choose to block the access to the router configuration page when in openvpn mode which is the most secure in fact? It makes no sense at all to me.
- Copy Link
- Report Inappropriate Content
Thanks for your reply; For your information, some specific routers, including the Vr2800 and MR6400, the connection via OpenVPN will be recoginized as remote connection. So in order to access the router remotely, the remote management should be activated.
May it help and have a nice day.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hi, thanks for the response, but this makes no sense and a potential security risk.
Activating VPN is to make a secure remote encrypted connection and leave access to router settings (optional) as if it’s a local network, so it should only be allowed in its sub IP's under its local network.
Activating Remote management is kind of risky making it even more easier to be broken by anyone with the domain that will be able to connect and see the router interface.
VPN should not be considered remote management but local management. At least a button to allow VPN users to access the router.
Is there a new firmware being looked at?
Can you check if this can be done through terminal on the router?
That would be of big help.
- Copy Link
- Report Inappropriate Content
Thanks for your reply.
Per I said, the VPN data will be recognized as remote access, to login to the web UI, we need activate the remote management; while I do catch your points.
We will remind our R&D team and let them evaluate the feasibility.
Good day.
deltav wrote
mmm. ok. but why this choice for openvpn connection and not for pptp vpn, is still a mystery to me. I mean: if you guys want us to access the router configuration page by remote access only even if in vpn, then you should set this for all types of vpn connections. I don't see the reason why the login via direct ip input is allowed when on the most unsecure vpn connection and not enabled when connected with the most secure one. But by the way, thanks for your reply
- Copy Link
- Report Inappropriate Content
Thanks for the reponse, at least its a start
- Copy Link
- Report Inappropriate Content
Kevin,
thanks
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 6072
Replies: 11
Voters 0
No one has voted for it yet.