What's new

VPN in AP Mode

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Nogtail

New Around Here
I have a RT-87U used as an access point behind my ISP's piece of s*** ™ router. I'd like to use the OpenVPN server to access my local network when I'm away from home.

I can enable the VPN server in in access point mode by going to /Advanced_VPN_OpenVPN.asp. After port forwarding I can access the router over the VPN, however I can't access any other devices on the local network.

I've looked at openvpn.c and it seems to be doing some routing/firewall stuff. I'm no expert but I'll assume this is specific to the router mode and is preventing me accessing other devices when in AP mode.

Is there a way of using the OpenVPN server in access point mode?

Note: for various reasons I have to use my ISP's router and I'd rather not double NAT.

Thanks!
 
I have a RT-87U used as an access point behind my ISP's piece of s*** ™ router. I'd like to use the OpenVPN server to access my local network when I'm away from home.

I can enable the VPN server in in access point mode by going to /Advanced_VPN_OpenVPN.asp. After port forwarding I can access the router over the VPN, however I can't access any other devices on the local network.

I've looked at openvpn.c and it seems to be doing some routing/firewall stuff. I'm no expert but I'll assume this is specific to the router mode and is preventing me accessing other devices when in AP mode.

Is there a way of using the OpenVPN server in access point mode?

Note: for various reasons I have to use my ISP's router and I'd rather not double NAT.

Thanks!
Vpn mode operate in router mode. I am not aware any workaround, may be other member can tell you different options.
 
Did you TUN or TAP? Try the other to what your did (one is L2 and the other is L3 routed)

I’m a bit surprised if the VPN works and you can access the router other devices don’t also to be honest.


Sent from my iPhone using Tapatalk
 
Did you TUN or TAP? Try the other to what your did (one is L2 and the other is L3 routed)

I’m a bit surprised if the VPN works and you can access the router other devices don’t also to be honest.


Sent from my iPhone using Tapatalk
I was originally using TUN.

I tried again with TAP and it worked flawlessly, thanks for the suggestion!

I'd rather use TUN if anyone knows a way of making it work. Has anyone tried manually configuring OpenVPN? I understand there is a writable area of flash that scripts can be stored?

Thanks again!

Edit:
With TUN in a subnet topology, is there any NAT occurring? My local network is 10.0.0.x and VPN clients are on a 10.8.0.x subnet. If there is no NAT between networks then packets would be directed towards the router which presumably discards them, perhaps explaining why TUN isn't working. I really have no idea what I'm talking about so correct me if I'm wrong.
 
Last edited:
With TUN the VPN Server is doing NAT yes, which actually is probably why that doesn’t work...
Normally in router mode it would NAT client traffic to its own local LAN IP/Ports, in AP mode the AP has a local IP on its WAN port, which I’m surmising is messing with the VPN server settings as ports are not where it expects as it’s not in router mode.
You might be able to work around it by putting it in router mode, disabling DHCP (and other router functions) and connect it via its LAN ports to the ISP’s router (leaving its WAN port disconnected). This would require the VPN server to listen on the LAN side as well as WAN side (which I’m not sure it does).


Sent from my iPhone using Tapatalk
 
I have a RT-87U used as an access point behind my ISP's piece of s*** ™ router. I'd like to use the OpenVPN server to access my local network when I'm away from home.

I can enable the VPN server in in access point mode by going to /Advanced_VPN_OpenVPN.asp. After port forwarding I can access the router over the VPN, however I can't access any other devices on the local network.

I've looked at openvpn.c and it seems to be doing some routing/firewall stuff. I'm no expert but I'll assume this is specific to the router mode and is preventing me accessing other devices when in AP mode.

Is there a way of using the OpenVPN server in access point mode?

Note: for various reasons I have to use my ISP's router and I'd rather not double NAT.

Thanks!
Get your own modem to replace your ISP router and use your ac87 as a router or learn to live with double nat.

Some isp routers can be put in bridge mode. If that's possible, you can use your router as a router.

or last option use something like tinc to establish the outgoing connection and reverse shell.

https://www.tinc-vpn.org/
 
Get your own modem to replace your ISP router and use your ac87 as a router or learn to live with double nat.

Some isp routers can be put in bridge mode. If that's possible, you can use your router as a router.

or last option use something like tinc to establish the outgoing connection and reverse shell.

https://www.tinc-vpn.org/
I'm using the ISP's router as a VoIP adaptor, and my ISP refuses to release VoIP details so I can't use another device. VoIP data is also given dedicated bandwidth so I can't throw the ISP's box behind another router or it doesn't work. Putting it in bridge mode works but also disables all VoIP functionality.

I've tried a double NAT but it causes issues with a bunch of online games, even when within router 1's DMZ.

The ISP keeps patching the firmware to remove anything remotely useful. It was originally possible to Telnet or SSH into the router, now you can't even set your own DNS server.
 
I'm using the ISP's router as a VoIP adaptor, and my ISP refuses to release VoIP details so I can't use another device. VoIP data is also given dedicated bandwidth so I can't throw the ISP's box behind another router or it doesn't work. Putting it in bridge mode works but also disables all VoIP functionality.

I've tried a double NAT but it causes issues with a bunch of online games, even when within router 1's DMZ.

The ISP keeps patching the firmware to remove anything remotely useful. It was originally possible to Telnet or SSH into the router, now you can't even set your own DNS server.

Never combine services. Better to use ooma or vonage and port your number over. Voip uses almost no bandwith (all of 56 to 128kb/s) and will just about have no impact on your traffic. Get our own modem and switch to ooma for voip.

You can try to live with double nat, but will have to setup double port forwarding. It won't be pretty and will not support upnp.
 
Never combine services. Better to use ooma or vonage and port your number over. Voip uses almost no bandwith (all of 56 to 128kb/s) and will just about have no impact on your traffic. Get our own modem and switch to ooma for voip.

You can try to live with double nat, but will have to setup double port forwarding. It won't be pretty and will not support upnp.
You overestimate my connection speed! During peak times speeds can be around 100kb/s with 50% packet loss. All providers in my area bundle a phone connection with the internet and I can't afford to pay for a secondary VoIP service. The only other option would be satellite - and I'm not willing to endure satellite latency.
 
You overestimate my connection speed! During peak times speeds can be around 100kb/s with 50% packet loss. All providers in my area bundle a phone connection with the internet and I can't afford to pay for a secondary VoIP service. The only other option would be satellite - and I'm not willing to endure satellite latency.

Wow, don’t think I’ve had those speeds since the late nineties! How do you do anything aside from ping!? [emoji23]


Sent from my iPhone using Tapatalk
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top