Menu
What's new
By:
Filters Better Search

access WAN after connecting to VPN server on asus? (VPN_client -> VPN_srv_on_asus_merlin -> WAN_on_asus_merlin)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

S

simaka

Occasional Visitor
I am about to upgrade my AC66U B1 and have been thinking that I might just
1. Move it to another country where a friend of mine lives and connect it to the LAN port of a said friend's router
2. ask my friend to port-forward the right port to my asus
3. run a VPN server on my asus
4. connect via VPN to my asus
5. utilize its WAN (internet) connection

Is this possible and would it be something which can be configured from the menus? Thx.
 
simaka said:
I am about to upgrade my AC66U B1 and have been thinking that I might just
1. Move it to another country where a friend of mine lives and connect it to the LAN port of a said friend's router
2. ask my friend to port-forward the right port to my asus
3. run a VPN server on my asus
4. connect via VPN to my asus
5. utilize its WAN (internet) connection

Is this possible and would it be something which can be configured from the menus? Thx.
Click to expand...
Why???
 
I want to access streaming services in that language, and unfortunately they are not available out of the country. What's even more unfortunate, is that commercial VPN services which I tested (nordvpn, expressvpn) have their IPs already blacklisted. Most unfortunate, as it's not one of the "big volume" countries, the VPN services don't offer dedicated IPs there. So I can either spin up my own VM in a hosting provider or send over post my old router to a friend, as mentioned above. Hope that justifies the use case enough :))))
 
simaka said:
I am about to upgrade my AC66U B1 and have been thinking that I might just
1. Move it to another country where a friend of mine lives and connect it to the LAN port of a said friend's router
2. ask my friend to port-forward the right port to my asus
3. run a VPN server on my asus
4. connect via VPN to my asus
5. utilize its WAN (internet) connection

Is this possible and would it be something which can be configured from the menus? Thx.
Click to expand...
This should work without any special configuration. Just make sure that "Client will use VPN to access" is set to "Internet" or "Both" in the VPN server's General settings.

This does of course assume that your friend's connection has sufficient spare bandwidth (up and down), and that he trusts you with potential access to his LAN.
 
ColinTaylor said:
This should work without any special configuration. Just make sure that "Client will use VPN to access" is set to "Internet" or "Both" in the VPN server's General settings.

This does of course assume that your friend's connection has sufficient spare bandwidth (up and down), and that he trusts you with potential access to his LAN.
Click to expand...
Thanks a lot, I see it only now, I had already checked the server tab configuration, but it seems I missed that radio button...

I will keep updating this thread with the progress over the next few months, just so that if anyone finds this has all the info.
 
Update:
I upgraded my old (AC66U B1) router with a new one (AC86U).
I configured a VPN server on my old AC66U_B1 and attached it to one of the LAN ports of the new AC86U.

PROBLEM: All works fine if I use the default vpn-server port 1194. I setup port forwarding on the internet-facing AC86U and am able to connect from outside. However, if I set it to a non-default port (and update the port forwarding to that same non-default port) - it doesn't work.
I suspect that the issue is in the test client - iphone running openvpn-connect app - likely can't connect to non-default ports. I will try tomorrow from my workplace where I run also an AC86U (AC86U_work) to have it connect to my home router. First using default ports, then using non-default.

Question: Is there any good guide on the security settings which should be used in a VPN server? I assume the default is not a good config to run...
 
The default settings are usually fine, that's why they're the defaults. The only thing I would suggest that you change is the port number to something random and non-obvious. Otherwise you'll be perpetually getting bots hitting that port.
 
simaka said:
I upgraded my old (AC66U B1) router with a new one (AC86U).
I configured a VPN server on my old AC66U_B1 and attached it to one of the LAN ports of the new AC86U.
Click to expand...

You can configure the VPN server on RT-AC86U. It has 5x faster CPU for OpenVPN.
 
Tech9 said:
You can configure the VPN server on RT-AC86U. It has 5x faster CPU for OpenVPN.
Click to expand...
can confirm. With AC66U_B1 I was able to get a max of ~24mbps up/down (AC66U_B1 being a client for NordVPN openvpn). With AC86U I am hitting the max of my connection speed (~100mbps up/down).
 
ColinTaylor said:
The default settings are usually fine, that's why they're the defaults. The only thing I would suggest that you change is the port number to something random and non-obvious. Otherwise you'll be perpetually getting bots hitting that port.
Click to expand...
that's exactly the issue... can't seem to make it work on the non-default port. Will continue troubleshooting tomorrow, once I have a real client to test with (as opposed to an iphone).
 
RT-AC86U with current firmware can do about 160Mbps on OpenVPN. I'm getting about 30Mbps from my RT-AC66U B1 OpenVPN server, but replacing the router this summer because it was locked by the Asus bad ASD update some time ago and I don't like that. I'm planning to use GL.iNet GL-MT2500 device for VPN exit point purpose. You can see what it is in the link below and it's only $70 for the plastic case version:

www.gl-inet.com

GL-MT2500 / Brume 2

Brume 2 (GL-MT2500/GL-MT2500A) is an industrial security gateway for a network to run add-on programs and act as a VPN client or server before data is transmitted out of the network premise.
www.gl-inet.com www.gl-inet.com
 
OK, non-default port works (used iphone hotspot to have a proper computer with a proper openvpn-client test connectivity).

Thx for the advice, will update once the router reaches its destination some weeks from now. :)
 
You must log in or register to reply here.

Similar threads

gdgross
Setting up VPN server (router?) for offsite access
Replies
13
Views
868
gdgross
gdgross
C
How can I do this.. Router VPN Client to Server 2
Replies
3
Views
329
ComputerSteve
C
oleksandr.belei
Speed drop with VPN Server enabled on RT-AX82u
Replies
7
Views
368
oleksandr.belei
oleksandr.belei
M
Has my VPN been compromised? "ovpn-server: Connection reset, restarting [-1]"
Replies
2
Views
550
micjgam
M
G
VPN Client with Public IP, split tunnel web server over VPN and other traffic not on the VPN
Replies
4
Views
408
Grefyne
G
Similar threads
Thread starter Title Forum Replies Date
R allowing direct WAN access on Asus RT-AX86U VPN 7
gdgross Setting up VPN server (router?) for offsite access VPN 13
C Instant Guard IPsec VPN Log Showing Regular Access Attempts VPN 3
G Remote Access Transmission Torrent Behind VPN on interface OVPN1 VPN 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 953 (members: 27, guests: 926)
Top