tymchyshyn90
Occasional Visitor
Hello!
My router is RT-AC66U_B1 (FW Merlin AC68U 384.14_2)
Two OpenVPN servers run on it:
1. TAP. My private computer connects and works well. It receives IP 192.168.0.11 and has access to all LAN resources. In the web interface I set: Client will use VPN to access LAN only.
2. TUN (10.16.0.0). I connect with my iPhone (TAP is not supported), and sometimes my friends can connect. Clients use the VPN to access LAN and Internet (set to Both).
I used only one server (TUN) before. Clients used the LAN and internet over OpenVPN. The most important reason I use the VPN is remote control of a PC via an RD client. I installed an OpenVPN client on my PC with a non-public IP. Then I set up port forwarding to the OpenVPN client. For example, I can connect to my remote PC like this: DDNSname:port. The advantage is that it doesn't need the client's public IP. It's very simple and easy.
But a few days ago I decided to run another server (TAP), because this is better for access to LAN resources. And I don't want the remote PC to use my internet. I set LAN-only access on my router. And I saw some problems. My method with port forwarding doesn't work anymore. I tried connecting my iPhone to the TUN server, and there was another problem: I can't connect to 192.168.0.11 (the PC over TAP). But from the LAN this IP pings OK. I found out that the two VPN networks have routes to the LAN, but not to each other.
I solved this problem. In the TAP server configuration, in the Allowed Clients fields, I put 10.16.0.0 255.255.255.0. After that I can connect to 192.168.0.11 when I am connected to TUN.
But the first problem is not solved, and I need your help. I found out that I can't connect with port forwarding only when LAN only is set in the server configuration. When I set Both (LAN + Internet) everything works fine and as I wish. But I don't want the client to use the internet over the VPN. How can I do that?
Thank you!