Access devices connected to the router and the router itself through VPN

Pintset

New Around Here
Hello!

My Internet provider does not allow to have static ipv4 address so my ASUS router ac68u cannot be accessed from the Internet by IP address. It has local address of 192.168.1.1. Trying to solve that I have created OpenVPN server outside my home network, and was able to set up client on the router and connect it to the OpenVPN server successfully (IP assigned). Then I have installed OpenVPN client on my computer and also connected it to OpenVPN server. So technically my router and my computer are on the same network, and have IPs like 10.8.0.8 (computer) 10.8.0.9 (router). However, I cannot ping, ssh, or access router GUI from my computer by its VPN ip address (10.8.0.9) when "Redirect Internet traffic through tunnel" set to No. And I am able to SSH it by that IP when that setting is set to Yes (all). But GUI is not accessible by that IP (and by 192.168.1.1. of course).

So, is it possible somehow to set up router in my case, may be some combination of VPN Client, VPN Server (on router), some settings on OpenVPN server in the Internet, so I access my router and its network and devices remotely through OpenVPN server located in the Internet? Maybe even use local internet from the router (like VPN server)?

The final goal I would like to achieve is to set up asterisk with GSM dongle on the router (I have dongle and instructions), and somehow connect SIP client to my router without having static IP address but by using of outside (my own) OpenVPN server for that. Is that possible?

Also, I believe it will be possible to solve this problem by having a separate computer for asterisk server connected to my OpenVPN server i.e., not using router as an asterisk server. However, I will be the only user of that server (need it to make and received local calls while I am abroad) and I don't want to have a separate piece of hardware always on for that when Asterisk can be installed on the router.

Thank you!
 
Last edited:

metahome

New Around Here
Pintset, the RC-AC68U can use a free DDNS service so you can create a domain name and the router will update the DDNS with its current IP address. Then you just configure your DDNS domain name in your VPN client and it will connect to the current IP address of you router.
 

bbunge

Part of the Furniture
Hello!

My Internet provider does not allow to have static ipv4 address so my ASUS router ac68u cannot be accessed from the Internet by IP address. It has local address of 192.168.1.1. Trying to solve that I have created OpenVPN server outside my home network, and was able to set up client on the router and connect it to the OpenVPN server successfully (IP assigned). Then I have installed OpenVPN client on my computer and also connected it to OpenVPN server. So technically my router and my computer are on the same network, and have IPs like 10.8.0.8 (computer) 10.8.0.9 (router). However, I cannot ping, ssh, or access router GUI from my computer by its VPN ip address (10.8.0.9) when "Redirect Internet traffic through tunnel" set to No. And I am able to SSH it by that IP when that setting is set to Yes (all). But GUI is not accessible by that IP (and by 192.168.1.1. of course).

So, is it possible somehow to set up router in my case, may be some combination of VPN Client, VPN Server (on router), some settings on OpenVPN server in the Internet, so I access my router and its network and devices remotely through OpenVPN server located in the Internet? Maybe even use local internet from the router (like VPN server)?

The final goal I would like to achieve is to set up asterisk with GSM dongle on the router (I have dongle and instructions), and somehow connect SIP client to my router without having static IP address but by using of outside (my own) OpenVPN server for that. Is that possible?

Also, I believe it will be possible to solve this problem by having a separate computer for asterisk server connected to my OpenVPN server i.e., not using router as an asterisk server. However, I will be the only user of that server (need it to make and received local calls while I am abroad) and I don't want to have a separate piece of hardware always on for that when Asterisk can be installed on the router.

Thank you!
Looks like your ISP is giving out non-routing IPV4 addresses. You may not be able to access your system via OpenVPN. Am not sure what recourse you may have but smarter heads may be able to help you.
 

Pintset

New Around Here
Pintset, the RC-AC68U can use a free DDNS service so you can create a domain name and the router will update the DDNS with its current IP address. Then you just configure your DDNS domain name in your VPN client and it will connect to the current IP address of you router.
My ISP gives the same external IP address to number of users, i.e. I don't have dedicated dynamic IP address so I don't think that's the option.

Though I have tried to set up DDNS. It has successfully registered only with Method to retrieve WAN IP set to External. "Internal" is not working. I set up OpenVPN server on router, downloaded ovpn file but client is not connecting.
 

BosseSwede

Regular Contributor
I have a setup that probably is what you want. I had it running with an RT-AC68U router at first but this router is very limited in its VPN handling so on advice on this forum and on the OpenVPN forum I switched to RT-AC86U and this increased VPN speed by approximately an order of magnitude.
My config ties together two separate LAN sections such that all clients on both LAN:s can reach each other fully. And it is done via VPN that does not utilize a public IP on the remote system. Only the server system needs a public IP address.
But before you start anything about this then PLEASE! change the LAN addresses of your home and remote systems away from 192.168.1.1!!!!
You cannot use the same IP range on both LAN sections, it will be impossible to communicate!
Use something non-obvious like 192.168.176.x and 192.168.218.x for the two LAN:s.

Anyway, here is my suggested configuration (what I have done):
Home system
- Router RT-AC86U
- OpenVPN server installed on a Ubuntu Server 29.04.4 LTS box on home LAN
- DDNS domain for this system created (with my ISP, but you can use others)
- Port forward the VPN port (UDP 1194 or another not so obvious port) to OpenVPN server
- Create client certificate file (OVPN file) for the router with local only access so it will use its own gateway for external accesses.
On the home router add a route (LAN/Route):
192.168.218.0 255.255.255.0 192.168.176.132 2 LAN
(where the 1st range is the remote LAN, the 2nd is the mask, the 3rd the OpenVPN server's IP and then the metric and interface)

Remote system
- Install the OVPN file on the remote router client VPN so it connects back home.
- On the remote side this is pretty much all you need to do.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top