Page 1 of 2 1 2 LastLast
Results 1 to 10 of 12
  1. #1
    New ROGer Array
    Join Date
    Jun 2021
    Reputation
    18
    Posts
    10

    Question Setting up access to LAN with OpenVPN?

    I have my OpenVPN setup and configured, and I can connect - but the only thing I can access is the router itself.

    I do have the configuration set to push LAN to clients, and my config allows clients to access LAN and Internet - but I still cannot connect (or even ping) anything that is on the LAN tht is not the router itself.

    any ideas?


    -EDIT : Actually, I think I am seeing the issue... I have some NetGear switches plugged into my ASUS Router, and it is the devices plugged into those switches that I am not able to reach. I am assuming a static route is needed somewhere?
    Last edited by CanadaBri; 06-28-2021 at 02:27 PM.

  2. #2
    TeamROG Moderator Array xeromist PC Specs
    xeromist PC Specs
    Laptop (Model)Dell Inspiron 15 7567
    MotherboardMSI x470 Gaming Plus
    ProcessorAMD 2600X
    Memory (part number)16GB Crucial Ballistix Elite 3600
    Graphics Card #1ASUS GTX 1080 Strix
    MonitorBenQ BL3200PT
    Storage #1Intel 600p NVMe
    CPU CoolerWraith
    Casecustom Antec 900
    Power SupplyCorsair HX1000
    Keyboard Logitech Orion Spark
    Mouse Logitech MX500
    Headset Plantronics 777 with Oregon Aero upgrade
    xeromist's Avatar
    Join Date
    Jul 2010
    Reputation
    367
    Posts
    8,343

    Unless your switches are doing network segmentation with vlans or something a normal switch should be transparent. Any chance you can test plugging something directly into the router to be sure?
    * Support disease research with Folding@Home *

    < < < Click the drop-down above my avatar for my PC specs!

  3. #3
    ROG Guru: Orange Belt Array HK-47's Avatar
    Join Date
    Feb 2012
    Reputation
    25
    Posts
    324

    In order for your for you to get access to your lan you need to add a client1 user like I have in the picture attached. You will need to change the subnet to what you have configured in your vpn settings. Also if you are using the VPN fusion along side the VPN server make sure the VPN fusion and VPN server subnets don't conflict. You can check the routing tab under logs. TUN21 will be your routing for the VPN server. Tun15 will be vpn fusion.

    Click image for larger version. 

Name:	SmartSelect_20210702-083817_Chrome.jpg 
Views:	1 
Size:	1,019.0 KB 
ID:	89221

    Click image for larger version. 

Name:	SmartSelect_20210702-084817_Chrome.jpg 
Views:	0 
Size:	71.8 KB 
ID:	89222
    Miniatura de Adjuntos Miniatura de Adjuntos SmartSelect_20210702-082739_Chrome.jpg  

    Last edited by HK-47; 07-02-2021 at 12:49 PM.
    -Desktop-
    Asus Crosshair VIII Dark Hero / AMD 5800x / 32GB Corsair Dominator Platinum RBG (CMT32GX4M4C3600C18) @ 3800 /2x Sabrent 1TB Rocket NVMe 4.0 (Raid 0)/ 1x Samsung 860 Evo SSD / Corsair AX1200 PSU / ASUS Strix Helios Case / Corsair HydroX Custom Loop D5, CX7, XG7 420+280 Rad/ Asus Strix 3090 / Asus PG35VQ Ultrawide Monitor / Corsair Commander PRO 3x ql120, 4x ql140 fans / Edifier 1850DB Speakers + T5 Sub /
    Asus Theta 7.1 Headset

  4. #4
    New ROGer Array
    Join Date
    Jun 2021
    Reputation
    18
    Posts
    10

    Quote Originally Posted by HK-47 View Post
    In order for your for you to get access to your lan you need to add a client1 user like I have in the picture attached. You will need to change the subnet to what you have configured in your vpn settings. Also if you are using the VPN fusion along side the VPN server make sure the VPN fusion and VPN server subnets don't conflict. You can check the routing tab under logs. TUN21 will be your routing for the VPN server. Tun15 will be vpn fusion.
    Just asking to clarify,

    If my local LAN subnet is (for example) 192.168.123.0 and my VPN subnet is 10.8.0.0 (I think that is default?)... are you saying to change the VPN subnet config to the LAN config, or to change the subnet setting on the user to my LAN subnet?

  5. #5
    ROG Guru: Orange Belt Array HK-47's Avatar
    Join Date
    Feb 2012
    Reputation
    25
    Posts
    324

    You need to make the client1 match your vpn subnet settings. See in my picture my vpn subnet is 10.100.0.0 and client1 is 10.100.0.0. You would need to make client1 10.8.0.0.
    Also make sure everything else is checked like my picture.

    Also If you look at the routing log when the server is setup you should see
    10.8.0.0 to 10.8.0.2 tun21
    then
    10.8.0.2 to * tun21
    The * is your everything on the router.
    Last edited by HK-47; 11-01-2021 at 01:09 PM.
    -Desktop-
    Asus Crosshair VIII Dark Hero / AMD 5800x / 32GB Corsair Dominator Platinum RBG (CMT32GX4M4C3600C18) @ 3800 /2x Sabrent 1TB Rocket NVMe 4.0 (Raid 0)/ 1x Samsung 860 Evo SSD / Corsair AX1200 PSU / ASUS Strix Helios Case / Corsair HydroX Custom Loop D5, CX7, XG7 420+280 Rad/ Asus Strix 3090 / Asus PG35VQ Ultrawide Monitor / Corsair Commander PRO 3x ql120, 4x ql140 fans / Edifier 1850DB Speakers + T5 Sub /
    Asus Theta 7.1 Headset

  6. #6
    ROG Guru: Orange Belt Array HK-47's Avatar
    Join Date
    Feb 2012
    Reputation
    25
    Posts
    324

    Also I don't use the default 10.8.0.0 vpn subnet because I also use vpn fusion that connects to Nord vpn. Nord was handing out 10.8.0.0 address and it was conflicting with the vpn server on the router. They were both giving out the 10.8.0.0. So when clients would connect to my vpn server on the router they were being routed to NordVPN.
    -Desktop-
    Asus Crosshair VIII Dark Hero / AMD 5800x / 32GB Corsair Dominator Platinum RBG (CMT32GX4M4C3600C18) @ 3800 /2x Sabrent 1TB Rocket NVMe 4.0 (Raid 0)/ 1x Samsung 860 Evo SSD / Corsair AX1200 PSU / ASUS Strix Helios Case / Corsair HydroX Custom Loop D5, CX7, XG7 420+280 Rad/ Asus Strix 3090 / Asus PG35VQ Ultrawide Monitor / Corsair Commander PRO 3x ql120, 4x ql140 fans / Edifier 1850DB Speakers + T5 Sub /
    Asus Theta 7.1 Headset

  7. #7
    New ROGer Array Jimbo93 PC Specs
    Jimbo93 PC Specs
    Laptop (Model)ABS Master Gaming PC
    MotherboardASUS Prime B560M-A AC
    ProcessorINTEL i5 10400F
    Memory (part number)G.SKILL F4-3200C16D-16GVKB x 2
    Graphics Card #1ASUS DUAL-RTX3060TI-O8G-V2
    Sound CardRealTek HD
    MonitorSAMSUNG 40" LCD
    Storage #1INTEL 660p NVMe SSD PEKNW512GB
    CPU CoolerTHERMALTAKE UX100 ARGB
    CaseTUF GAMING GT301
    Power SupplyASUS TUF GAMING BRONZE 650W
    Keyboard TUF GAMING K1
    Mouse TUF GAMING M3
    Headset/Speakers Cambridge Works PC
    OS Win 11 Pro 21H2 22000.652
    Accessory #1 Windows Feature Experience Pack 1000.22000.652.0

    Join Date
    Oct 2021
    Reputation
    80
    Posts
    528

    Quote Originally Posted by CanadaBri View Post
    I have my OpenVPN setup and configured, and I can connect - but the only thing I can access is the router itself.

    I do have the configuration set to push LAN to clients, and my config allows clients to access LAN and Internet - but I still cannot connect (or even ping) anything that is on the LAN tht is not the router itself.

    any ideas?


    -EDIT : Actually, I think I am seeing the issue... I have some NetGear switches plugged into my ASUS Router, and it is the devices plugged into those switches that I am not able to reach. I am assuming a static route is needed somewhere?
    Switches shouldn't matter. Did you set up DHCP with static address for the client(s) on the LAN? The client hardware address is entered there in the router, then DHCP always gives same address to the client, even though client is set to automatic DHCP. Port forwarding is the other part to get through the router firewall. That directs the incomming traffic on a port to the client by the private IP address.

    Not sure if is this is helpful, but when I needed to VPN into my office from home without opening ports on a router, I would have the office computer automatically establish a tunnel out to the home computer. Been awhile now and the details are a little foggy.

  8. #8
    New ROGer Array
    Join Date
    Oct 2021
    Reputation
    10
    Posts
    1

    Same issue here

    I matched the setting in the images exactly and I still can't get LAN thru TUN... In fact my friend has the exact same router and I tried it with his and he also has the same issue. I'm starting to wonder if it is a firmware problem. When I try TAP the VPN connection becomes unstable and the TAP Adapter goes from showing internet to no internet repeatedly every 30 seconds to one minute... This also happens on my friends router. Pretty much OpenVPN is completely non-functional on 2 routers. I have even completely reset the router and same problems return. I'm tempted to try an older firmware if this router lets you downgrade just to see what happens. Any thoughts? Thank you for your time guys!

    Update: Keep playing with and in part realized the error of ways.. so when I reset the router I forget to give the NAS a static IP back so I was sending a ping to the wrong IP. With the settings from HK-47 I do in fact have LAN access to at least ping but I am unable to access the NAS ( //nas ) via file explorer or map a network drive via IP and I can not see any other clients on the LAN under file explorer either. I still have no idea why TAP acts up or I would just use that.
    Last edited by JayH1998; 11-03-2021 at 02:37 AM. Reason: Added more info and thoughts

  9. #9
    ROG Guru: Orange Belt Array HK-47's Avatar
    Join Date
    Feb 2012
    Reputation
    25
    Posts
    324

    It should be \\ip of nas\

    you are using //?

    Also check if you can get to the web interface of the NAS over vpn. If so check the firewall settings of the NAS. I have a Synology Nas connected to my router and am able to get to it over VPN. Also turn the firewall off on windows and the NAS and the check the firewall on the router. If you can ping it it should be working. Also make sure you re-download the config file. Are you using windows? If so do you have the file discovery turned on?

    Can you show a screen shot of your routing log from the router? And what ststic ip address are you using for the NAS? Can you access the NAS locally on the network without vpn?
    Last edited by HK-47; 11-03-2021 at 02:51 PM.
    -Desktop-
    Asus Crosshair VIII Dark Hero / AMD 5800x / 32GB Corsair Dominator Platinum RBG (CMT32GX4M4C3600C18) @ 3800 /2x Sabrent 1TB Rocket NVMe 4.0 (Raid 0)/ 1x Samsung 860 Evo SSD / Corsair AX1200 PSU / ASUS Strix Helios Case / Corsair HydroX Custom Loop D5, CX7, XG7 420+280 Rad/ Asus Strix 3090 / Asus PG35VQ Ultrawide Monitor / Corsair Commander PRO 3x ql120, 4x ql140 fans / Edifier 1850DB Speakers + T5 Sub /
    Asus Theta 7.1 Headset

  10. #10
    New ROGer Array
    Join Date
    Jun 2021
    Reputation
    18
    Posts
    10

    Quote Originally Posted by HK-47 View Post
    Also I don't use the default 10.8.0.0 vpn subnet because I also use vpn fusion that connects to Nord vpn. Nord was handing out 10.8.0.0 address and it was conflicting with the vpn server on the router. They were both giving out the 10.8.0.0. So when clients would connect to my vpn server on the router they were being routed to NordVPN.
    Thanks - I have changed my VPN IP setting to 10.100 also.

    I had created a VPN user in the main menu are (VPN > OpenVPN).

    When you go to advanced settings, and have client specific options... I assume this is a different user now? I would have to use a different user name, or delete the other one and add it here?

Page 1 of 2 1 2 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •