VPN question

Diveblaster

Regular Contributor
Hi
First, I thank you so much for your work, Merlin.
I have just 4 simple questions regarding VPN setup. I'm using an RT-AC66U with your latest firmware, 380.58.
In the picture beneath, I circled the sentences.

vpn.jpg


What does the following mean and when do I use them to get things working?
1. Push LAN to Clients
2. Direct clients to redirect Internet traffic
3. Respond to DNS
4. Advertise DNS to clients

Regards
Dive
 
What does the following mean and when do I use them to get things working?
1. Push LAN to Clients

Push a route to the VPN clients so they know to use the VPN tunnel to be able to remotely access a device on your LAN through their IP.
2. Direct clients to redirect Internet traffic

As it says, it tells connected clients to use the VPN tunnel for all Internet traffic.

3. Respond to DNS

Allows clients to connect to the DNS server that runs on the router, so they can, for example, resolve hostnames of the LAN devices.

4. Advertise DNS to clients

Tell the clients the IP address of the router that they can use as a DNS server.
 
Push lan to clients, see http://www.snbforums.com/threads/prevent-lan-access-from-openvpn.20058/#post-144944

Direct clients to redirect Internet traffic, see http://www.snbforums.com/threads/op...nnection-for-remote-support.11552/#post-72081 (you would set this to yes only if you were, for example, connected to a remote public wifi and wanted to browse the Internet safely by setting up a secure vpn tunnel back to your router and then come (unencrypted) back out onto the Internet. So all your traffic from your client to your home router is encrypted.)

Respond to DNS, see http://www.snbforums.com/threads/asuswrt-merlin-3-0-0-4-374-38-is-out.14691/page-14#post-98877

Advertise DNS to clients - I can't find an explanation from Merlin on this one, but I think it means tell the remote, vpn-connected clients to use the home router for any DNS queries.


EDIT: Well you now have the definitive answer on ALL the options.
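
Added example (not part of any post in this thread, and not Asuswrt-Merlin's own code): a Python check that reads an OpenVPN server config and reports what the options explained in the two answers above tell clients. It assumes the GUI options correspond to the standard OpenVPN `push` directives in the constructed sample; the addresses are placeholders, and `respond_to_dns` is a hypothetical flag standing in for the router-side "Respond to DNS" toggle.

```python
import shlex

# Constructed sample: directives a server config could contain when the three
# push-type options are enabled (assumed mapping; addresses are placeholders).
SAMPLE_CONFIG = '''
dev tun
proto udp
server 10.8.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"   # Push LAN to clients
push "redirect-gateway def1"             # Direct clients to redirect Internet traffic
push "dhcp-option DNS 192.168.1.1"       # Advertise DNS to clients
'''

def parse_pushes(config_text):
    """Return each pushed option as a token list, e.g. ['route', net, mask]."""
    pushes = []
    for line in config_text.splitlines():
        tokens = shlex.split(line, comments=True)  # drops trailing '#' comments
        if len(tokens) >= 2 and tokens[0] == "push":
            pushes.append(tokens[1].split())
    return pushes

def audit(config_text, respond_to_dns):
    """Summarise what clients are told and flag inconsistent combinations."""
    pushes = parse_pushes(config_text)
    result = {
        "lan_routes": [tuple(p[1:3]) for p in pushes
                       if p[0] == "route" and len(p) >= 3],
        "full_tunnel": any(p[0] == "redirect-gateway" for p in pushes),
        "dns_servers": [p[2] for p in pushes
                        if p[:2] == ["dhcp-option", "DNS"] and len(p) >= 3],
        "warnings": [],
    }
    # Clients are handed a DNS server that will not answer them.
    if result["dns_servers"] and not respond_to_dns:
        result["warnings"].append(
            "DNS advertised but router does not answer VPN clients")
    # Clients keep whatever resolver the local network gave them.
    if result["full_tunnel"] and not result["dns_servers"]:
        result["warnings"].append(
            "full tunnel without pushed DNS: lookups may bypass the tunnel")
    return result

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG, respond_to_dns=True))
```

The second warning covers the public Wi-Fi case described above: traffic is redirected through the tunnel, but name lookups can still go to the resolver handed out by the untrusted network.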
 
Ty both for a splendid answer.
Most humble Dive
 
Yes. Thanks for an excellent question, and answers of course.
 
Further to the original poster's questions, perhaps the settings listed below can be explained further, as I found no information to allow me to understand what they do.

upload_2016-6-12_14-31-3.png


Interface type = If I choose TUN and then select Respond to DNS enabled, will VPN clients be able to resolve hostnames on the network, or will I still have to use TAP instead in order to resolve hostnames when on VPN?
Protocol = UDP or TCP?
Firewall = Auto, external only or Custom? What do they do?
Manage Client-Specific Options = What do the various options do?

Thanks very much
 
For TUN vs. TAP and the differences/benefits, check the link below:

https://community.openvpn.net/openvpn/wiki/BridgingAndRouting

As for TCP vs. UDP - there are valid applications for both - TCP has a bit more overhead, but on a noisy/lossy link, TCP has the advantage.

As for the other items, it boils down to what the desired goal is - whether you're bridging two sites, or providing remote access into the LAN.
 