How do i route OpenVPN subnet to local
I have configured OpenVPN on my AX1500 with the following settings:
Service Type: UDP
Service Port: 1194
VPN Subnet: 192.168.1.0
Netmask: 255.255.255.0
Client acces: internet and home network
I couldn't set the subnet to 192.168.0.0
If i connect a client to the VPN it gives an local ip of 192.168.1.X. Hereby i can't acces my fileserver because that has an local ip of 192.168.0.X
Now i don't know a lot about networking, but i've think i figured out that i need to route the VPN subnet the local subnet (192.168.1.X to 192.168.0.X)
If i want to add a routing entry i need to fill in the following items:
Network Destination:
Subnet Mask:
Default gateway:
Interface:
Description:
Can someone please help me configure this / give me other options / or tips ??? Please :)
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hello, thanks for asking.
Please help verify some details and we will try to figure it out:
1. Kindly check the below VPN setup instructions again to confirm all the settings on the AX1500 are correct:
How to use OpenVPN to access your home network through the Wi-Fi Routers
BTW, please also provide us your network topology.
2. Please check the VPN Tunnel: login the web interface, and on the VPN Server-> VPN Connections, we can see the status of the VPN Server, confirm if there is a VPN connection enabled. If not, which means the VPN setup is not successful.
3. Check the Firewall and Anti-Virus software on the server: generally, Windows Firewall would block the packages from the VPN Client, disabling the firewall on Windows PC for "public" and "private" network will be helpful. Windows Firewall is located at "Control panel->System and Security->Windows Firewall/Windows Defender Firewall".
May it help.
- Copy Link
- Report Inappropriate Content
Hello, thanks for asking.
Please help verify some details and we will try to figure it out:
1. Kindly check the below VPN setup instructions again to confirm all the settings on the AX1500 are correct:
How to use OpenVPN to access your home network through the Wi-Fi Routers
BTW, please also provide us your network topology.
2. Please check the VPN Tunnel: login the web interface, and on the VPN Server-> VPN Connections, we can see the status of the VPN Server, confirm if there is a VPN connection enabled. If not, which means the VPN setup is not successful.
3. Check the Firewall and Anti-Virus software on the server: generally, Windows Firewall would block the packages from the VPN Client, disabling the firewall on Windows PC for "public" and "private" network will be helpful. Windows Firewall is located at "Control panel->System and Security->Windows Firewall/Windows Defender Firewall".
May it help.
- Copy Link
- Report Inappropriate Content
Hi @Kevin_Z
I've went through the info you've sent but it still hasn't given me simple answer.
My setup:
PC with OpenVPN client ---- [Internet] ----- TL-MR150 ------- LAN (192.168.1.0/24)
I am able to sucessfully open vpn connection and under VPN>VPN connections I am able to see my connected PC. Also on PC I see it has assigned IP address from the pool given in VPN>OpenVPN setup (10.8.0.0/24). In my case it is 10.8.0.6.
ARP table taken from Network>Static Routing on TL-MR150 looks like this:
ID | Network Destination | Subnet Mask | Gateway | Interface |
---|---|---|---|---|
1 | 10.8.0.2 | 255.255.255.255 | 0.0.0.0 | LTE |
2 | 46.77.89.72 | 255.255.255.252 | 0.0.0.0 | LTE |
3 | 10.8.0.0 | 255.255.255.0 | 10.8.0.2 | LTE |
4 | 192.168.1.0 | 255.255.255.0 | 0.0.0.0 | LAN & WLAN |
5 | 0.0.0.0 | 0.0.0.0 | 46.77.89.73 | LTE |
I am able to ping from 10.8.0.6 to 10.8.0.1 and from 10.8.0.1 to 10.8.0.6 which would mean VPN is working. What I need to setup to be able to ping from 10.8.0.6 to any address in my local network (i.e. 192.168.1.100)?
Thanks in advance :)
- Copy Link
- Report Inappropriate Content
Hi, Based on your request, there is no need to configure additional static routing tables on the MR150.
When you enable the OpenVPN server and check "home network only" or "internet and home network" for client access, the OpenVPN clients are able to access the local network directly.
So your current issue is more related to the settings on the local network server.
Would you please help me check the following information:
1. When you mentioned that you are able to ping from 10.8.0.6 to 10.8.0.1, vice versa, do you mean different VPN clients are able to ping each other?
2. In the local network(192.168.1.xxx), could you please check whether the LAN clients are able to ping each other, especially the LAN server 192.168.1.100?
If yes, please send an email to support.forum@tp-link.com with the following information:
1. A picture of the Advanced>Status
2. A screenshot of the VPN connection page under Advanced>VPN>VPN connection.
3. A copy of the OpenVPN certificate.
Thank you very much.
- Copy Link
- Report Inappropriate Content
"When you enable the OpenVPN server and check "home network only" or "internet and home network" for client access, the OpenVPN clients are able to access the local network directly."
Unfortunatelly that does not work. At least on MR150 router. Attempt to assigning VPN IP address same as LAN network (192.168.1.x/24) returns error.
So on MDR150 I see 2 subnets 10.8.0.x/24 and 192.168.1.x/24 which cannot talk to each other.
1. When you mentioned that you are able to ping from 10.8.0.6 to 10.8.0.1, vice versa, do you mean different VPN clients are able to ping each other?
10.8.0.6 VPN client on external PC,
10.8.0.1 MDR150 address after turning on VPN on it
2. In the local network(192.168.1.xxx), could you please check whether the LAN clients are able to ping each other, especially the LAN server 192.168.1.100?
all devices inside 192.168.1.x can ping each other
I'll update pictures later on.
- Copy Link
- Report Inappropriate Content
Hi,
I was able to resolve one of the issues - the described above was caused that LANs on both VPN connection had the same settings 192.168.1.x/24. Changing one of LAN's settings to 192.168.10.x/24 resolved the problem and now I can ping from my VPN client PC into my local network.
2nd issue that I have is that from my VPN client I am not able to reach router configuration page (192.168.1.1). The error that I get is 403 forbidden. What am I doing wrong? How can I reach TL-MR150 from VPN client's machine. Please note that I do not want to enable "Remote Management" option as it opens additional possibility of security risk. I want to access router configuration page from Internet only when VPN connection is established.
Many thanks in advance :)
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 8061
Replies: 5
Voters 0
No one has voted for it yet.