Need help setting up the openvpn client on secondary router Archer AX55

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Need help setting up the openvpn client on secondary router Archer AX55

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Need help setting up the openvpn client on secondary router Archer AX55
Need help setting up the openvpn client on secondary router Archer AX55
2024-05-01 16:55:56 - last edited 2024-05-06 09:02:45
Model: Archer AX55  
Hardware Version: V2
Firmware Version: 1.1.0 Build 20230128 rel.20162(5553)

Hello,

 

I am new to network configuration here and lost my way during the journey. Hope the community can guide me.

 

Recently, I bought the AX55 new router to delegate all the necessary functions of ISP modem/router combo to new router.

This means I will use it to provide wifi and ethernet to all home devices. The ISP unit will only provide internet to second router via lan cable. I can't totally replace the ISP unit due to ISP restriction.

I will turn off the wifi of ISP unit leaving it only purpose is to provide internet to second router.

For these goals, I successfully setup the AX55 as access point (make static IP, connect ISP unit LAN port to AX55 LAN port, disable DHCP on router 2).

 

But the problem now comes because I also intend to setup openvpn client on it.

But the openvpn client stuck at connecting to server as shown in pic below (I can connect to server with openvpn client). I noticed it is somehow because of there is no internet connection shown in AX55 interface (which I think is normal because it is configured to act like access point. The connection go through AX55 do have internet access. Just the management user interface shown no internet.)

 

Then, I tried connecting the ISP unit LAN port to WAN port of AX55. Then it now shows internet access and successfully connect to openvpn client.

But when I plug into WAN port of router 2, I could not set it in static IP. In AP mode above, I can set router 2 to static 192.168.100.2 while router 1 being 192.168.100.1.

But as soon as I plug into WAN port, no matter how I set static IP, reserve IP in router 1, etc. It become a random 192.168.100.*** .

Then, I think the whole IP mess up. I even could not access the router 2 (AX55) management web portal anymore and had to reset it many times.

Seems like I need to plug into WAN port of router 2 for openvpn to work but if plugged, IP are messed up.

I am totally lost now and do not know how to set it up.

Please guide me how should I configure to achieve the final goals of using router 2 for wifi, ethernet and openvpn client while router 1 only send internet connection to router 2.

 

 

 

 

  0      
  0      
#1
Options
1 Accepted Solution
Re:Need help setting up the openvpn client on secondary router Archer AX55-Solution
2024-05-02 14:06:14 - last edited 2024-05-06 09:02:45

  @jra11500 

 

Thank you very much for the detailed explanation. That helps me a lot to understand the logic behind it.

I have managed to achieve the goals I want with some questions left to ask.

 

I have tried the following after your suggestion

 

Router 1

1. IP - 192.168.100.1

2. DHCP - ON (just for in case I want to plug ethernet and change setting again which I also later noticed I can access while connected from router 2).

3. Pool - 192.168.100.10 to 100

4. WIFI - OFF

 

Router 2

1. WAN IP - 192.168.100.2 (I need to mention WAN because there is also LAN IP).
    Default Gateway - 192.168.100.1

2. Lan IP - 192.168.0.1 (Default LAN IP which router do NOT allow to make same under subnet 192.168.100.***)

3. DHCP - ON 

4. Pool - 192.168.0.10 to 100  (Again router only allow the same subnet to LAN IP).

5. WIFI - ON

 

With these setting, the router 2 now works like I want it to. 

But I get to know that this kind of setting create two different network: one with subnet 192.168.100.1 and another 192.168.0.1.

Router 2 devices can reach to router 1 devices but NOT in opposite. (is it something called double NAT?)

And I see people say that it is not a recommended setting.

 

So my final concern is that can I just leave the setting as it is now. Or is there some more setting I should do to make it perfect?

My family will use for some social media, youtube.

I, myself, in addition to above, play some MMO games and other online game like Counter strike 2.

Will there be any impact on these usage. If the impact will be very small and need expertise knowledge to make it perfect, I might just leave it as it is now.

Thanks.

 

 

Recommended Solution
  0  
  0  
#3
Options
7 Reply
Re:Need help setting up the openvpn client on secondary router Archer AX55
2024-05-01 19:41:18 - last edited 2024-05-01 20:29:57

  @shwelone 

 

If I understand you correctly, the ISP router is Router 1 and the AX55 is Router 2.  Router 1 is assigned the IP address of 192.168.100.1 and you want to assign the IP address 192.168.100.2 to the AX55 but the assignment is causing problems.


I would do the following:

 

1.  In Router 1, disable the DHCP server -OR- ensure its range does not include any static IP addresses, such as 192.168.100.2.  For example, 192.168.100.32 to 192.168.100.199 would be OK.  If nothing else is connected to Router 1, I would disable the DHCP server completely as it is not needed.


2. Connect the cable to the AX55 WAN port.  This will ensure the AX55 web interface shows an internet connection.  The LAN port will work but you may see a red X in the Network Map of the interface for the connection.


3. Set the static IP address in the AX55 as follows:
Internet Connection Type:  Static IP
IP Address:  192.168.100.2
Subnet Mask:  255.255.255.0
Default Gateway:  192.168.100.1
DNS Servers:  8.8.8.8 and 8.8.4.4  (these are the Google servers or you can use any others of your choosing)

 

4.  If you disabled the DHCP server in Router 1, then set the DHCP server in the AX55 to "On".  For the address pool, I would use something like 192.168.100.32 to 192.168.100.199 which will give you more than enough IP addresses while leaving some addresses free for static assignments.  If you left the DHCP server enabled in Router 1, then set the DHCP server in Router 2 to OFF.  It could be left in Auto but it is better to set it to Off.

 

At this point, you should not have any more address conflicts.

 

 

  0  
  0  
#2
Options
Re:Need help setting up the openvpn client on secondary router Archer AX55-Solution
2024-05-02 14:06:14 - last edited 2024-05-06 09:02:45

  @jra11500 

 

Thank you very much for the detailed explanation. That helps me a lot to understand the logic behind it.

I have managed to achieve the goals I want with some questions left to ask.

 

I have tried the following after your suggestion

 

Router 1

1. IP - 192.168.100.1

2. DHCP - ON (just for in case I want to plug ethernet and change setting again which I also later noticed I can access while connected from router 2).

3. Pool - 192.168.100.10 to 100

4. WIFI - OFF

 

Router 2

1. WAN IP - 192.168.100.2 (I need to mention WAN because there is also LAN IP).
    Default Gateway - 192.168.100.1

2. Lan IP - 192.168.0.1 (Default LAN IP which router do NOT allow to make same under subnet 192.168.100.***)

3. DHCP - ON 

4. Pool - 192.168.0.10 to 100  (Again router only allow the same subnet to LAN IP).

5. WIFI - ON

 

With these setting, the router 2 now works like I want it to. 

But I get to know that this kind of setting create two different network: one with subnet 192.168.100.1 and another 192.168.0.1.

Router 2 devices can reach to router 1 devices but NOT in opposite. (is it something called double NAT?)

And I see people say that it is not a recommended setting.

 

So my final concern is that can I just leave the setting as it is now. Or is there some more setting I should do to make it perfect?

My family will use for some social media, youtube.

I, myself, in addition to above, play some MMO games and other online game like Counter strike 2.

Will there be any impact on these usage. If the impact will be very small and need expertise knowledge to make it perfect, I might just leave it as it is now.

Thanks.

 

 

Recommended Solution
  0  
  0  
#3
Options
Re:Need help setting up the openvpn client on secondary router Archer AX55
2024-05-02 16:58:02

  @shwelone 

 

The steps in my prior post assumed your AX55 was in access point (AP) mode, not wireless router mode.  After checking my AX55 in AP mode, I see the VPN features are not available.  If you are using OpenVPN, then the AP mode can not be used.  I overlooked that point.

 

With your current configuration, everything should work OK.  Yes, in your case there are two subnets, one for each router.  It is normal for Router 2 devices to reach Router 1 devices.  This does not work in the opposite direction (Router 1 to Router 2) because the AX55 router firewall does not allow any Router 1 device to initiate a connection to the AX55 LAN..

 

Both of your routers are using NAT (Network Address Translation) which is a "one-to-many" way of connecting multiple devices to the internet using a single IP address.  Your Router 2 devices are using double NAT which, most of the time, works fine.  I am not a gamer but game devices sometimes don't work with double NAT.  If you have problems with your gaming, there are several things you can do.  The first would be to connect the gaming device to Router 1.  The second would be to open the ports on Router 2 that your gaming device requires. If you need further assistance with a gaming configuration, just start another thread in this forum and I'm sure someone will be able to help you.

 

Good luck!

 

 

 

  0  
  0  
#4
Options
Re:Need help setting up the openvpn client on secondary router Archer AX55
2024-05-02 17:59:31

  @jra11500 

 

I see. I will stick with this configuration and check if I encounter any problem in future then.

Thanks a lot for the help and explanation!

 

 

  0  
  0  
#5
Options
Re:Need help setting up the openvpn client on secondary router Archer AX55
2024-05-02 19:29:13

There's a workaround using AX55 in wireless router mode without a second NAT - AP mode (Case 2).

In this scenario you should connect ISP router LAN port to AX55 LAN port.

Thus, you'll have OpenVPN feature available and won't introduce double NAT in your local network.

If this was helpful click once on the arrow pointing upward. If this solves your issue, click once the star to mark it as a "Recommended Solution".
  0  
  0  
#6
Options
Re:Need help setting up the openvpn client on secondary router Archer AX55
2024-05-03 15:43:37 - last edited 2024-05-03 16:19:41

  @terziyski 

 

Today I tested the workaround with an AX55 in wireless router mode and connected it LAN-to-LAN with the main router (also an AX55).  In this configuration, I was unable to set up a SurfShark OpenVPN connection which does work on the main router.  When enabling the connection to the server, the GUI displays "Connecting" and after a few seconds "Disconnecting", followed by "Disconnected".  Afterwards, re-enabling the server connection on the main router worked perfectly meaning the configuration file is OK.

 

After reconfiguring the second AX55 (now WAN-to-LAN), the OpenVPN connection works fine even though it is working through double NAT.  It would appear that the router needs to use the WAN port for setting up a VPN client connection.

 

 

 

  0  
  0  
#7
Options
Re:Need help setting up the openvpn client on secondary router Archer AX55
2024-05-03 16:26:06

  @jra11500 

 

Well, that's worth a try to avoid the double NAT - thanks for the effort testing this topology.

If this was helpful click once on the arrow pointing upward. If this solves your issue, click once the star to mark it as a "Recommended Solution".
  0  
  0  
#8
Options