What's new

access to openvpn server

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

andresmorago

Senior Member
Hello

Im setting up a openvpn server on a remote asus router (AC56R).

Router ip is 192.168.1.1
Router openvpn server ip is 10.0.3.1

openvpn is working ok. i can remotely connect from another asus router (client #2) . ip address that i get is 10.0.3.2

i have these 2 lines on the openvpn server custom configuration
Code:
push "route 192.168.1.0 255.255.255.0"
push "route 10.0.3.0 255.255.255.0"

i need to be able to access from my windows client to the routers web gui. here are my issues:

*10.0.3.1 is pingable but no web gui access
*192.168.1.1 is not pingable and no web gui access

i will appreciate your help

-andres
 
You shouldn't need either of those push statements. The first one ought to be automatically created by the "Push LAN to clients" option in the GUI, and the second one is not needed as that is the tunnel address.

Is the LAN subnet of the client different from that of the server, e.g. not 192.168.1.x ?
 
hello
thanks for the feedback. i will remove the push statements.

regarding the lan subnet of the client, yes, its different.

server lan ip: 192.168.1.1
server openvpn ip: 10.0.3.1
client ip: 10.0.3.2

i need to be able to access 10.0.3.1 from 10.0.3.2. right now i can ping but cant access tcp ports
 
Last edited:
hi

sorry. i didnt give you the information

router running openvpn client
10.0.0.1
255.255.255.0
 
That all looks OK.

Can you ping any other IP addresses on 192.168.1.x, for example a network printer? If you're pinging a Windows PC you'll probably have to temporarily turn off its firewall.
 
hi

from the openvpn client i cant ping any of the 192.168.1.x addresses. none of the devices are accessible from 10.0.3.0. none of the devices on 192.168.1.x are windows based.

i can ping the openvpn server 10.0.3.1 but router web gui isnt accesible
 
Last edited:
If you try connecting with a different type of client, like a mobile phone app, does that work?
 
Set your client router to an ip address other than 192.168.1.1


Sent from my SM-T380 using Tapatalk
 
Thinking about this a bit more, I think you need to tell the server about the client's subnet and how to get to it. So I'd guess you would need something like this in the VPN server custom config:

Code:
iroute 10.0.0.0 255.255.255.0
route 10.0.0.0 255.255.255.0
 
Thinking about this a bit more, I think you need to tell the server about the client's subnet and how to get to it. So I'd guess you would need something like this in the VPN server custom config:

Code:
iroute 10.0.0.0 255.255.255.0
route 10.0.0.0 255.255.255.0

hi @ColinTaylor
somehow adding these 2 lines crashed my openvpn server and i no longer can access the server :(. i didnt have a backup access path this time so ill have to be on site tomorrow in order to restore access.
 
Last edited:
Set your client router to an ip address other than 192.168.1.1


Sent from my SM-T380 using Tapatalk
thanks bbunge but its not possible at this moment since i already have several clients on each network and it would mean to change a lot
 
Have a look at this thread. If I'm reading it correctly it means that you can use the "Manage Client-Specific Options" and then add the subnets in the "Allowed Clients" list. No need to specify iroute and route.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top