Asus RT-AC68u and GL.INet "slate" open VPN issue

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

5teve

New Around Here
HI All..

Been a long time reader now finally a poster and have been sent here from the GL.Inet forums..

Summary of my issue is below (copied from other forum) The below is just my replies as the responses I had were basically asking questions.. Thanks in advance!


Looking for some guidance. I’m new to these mini routers and they look like a great bit of kit. I’m trying to establish a connection from a boat to home via openvpn.

I have the gl.inet gl-ar750s-ext on the boat connected via the wan port to a netgear LB2120 modem (LTE) The connection is using gc-nat so I have no way of accessing the boats systems directly… so this is why I have gone with a router capable of openvpn client…

At home I have the AC68u sitting behind a vdsl modem - static IP address and the AC68u is running 2 instances of OpenVPN server one TUN and one TAP…

I have exported the config files and imported them in to the gl.inet gl-ar750s-ext… the TAP basically stops access to the router, the wifi loses its internet connection and nothing works.

The TUN profile sometimes works, can browse the network at the server end (home), has no internet for the local wifi connection and I cannot get to the gl.inet gl-ar750s-ext’s network from the server (home) end…

Has anyone got any hints or tips or can point me in the right direction?.. i’m pulling my hair out with it!

Steve

I agree it should work and the tun profile works fine on my phone, just not on the router (slate)… hence me trying tap which seems even harder…

My end goal is to have the slate auto connect to the home network, but only for lan access, and access the raspberry pi I have on the boat so I can ssh into it if needed… there is also a possibility of an IP cam too we have a 250gb plan so data should not be an issue… .

The main issue I seem to have is accessing home to slate when connected and anything that is connected to the slate via wifi loses internet… which isn’t helpful. I didn’t want to use the VPN for internet access for the local devices on the boat via the slate

Hope that makes sense,??

I’ve done a heap of searching and really not come up with much but will ask on smb forums… oh and yes running latest Merlin.

Steve

Yes this setting is Lan only… as I mentioned the profile works fine on my phone (i cant prove the return back to the client) but i definitely have internet and lan access via the phone…

I’m just waiting for registration on SNB so will post on there also…

I have tried a number of things and nothing seems to make the slate connect to the lan and still keep internet… seems to be a few similar issues from these modems too…

im very unfamiliar with this kind of thing so just finding my way… but just assume i’m a dummy as a general rule…

Thanks again for your continued guidance… so SSH into router…

OK so client ovpn file is…
client
dev tun
proto udp
remote 202.90.246.193 1194
resolv-retry infinite
nobind
float
ncp-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
comp-lzo adaptive
keepalive 15 60
auth-user-pass
remote-cert-tls server

-----BEGIN CERTIFICATE-----

Server is…
daemon ovpn-server2
topology subnet
server 10.16.0.0 255.255.255.0
proto udp
multihome
port 1194
dev tun22
txqueuelen 1000
data-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
comp-lzo adaptive
keepalive 15 60
verb 3
push “route 192.168.0.0 255.255.255.0 vpn_gateway 500”
duplicate-cn
push “dhcp-option DNS 192.168.0.1”
plugin /usr/lib/openvpn-plugin-auth-pam.so openvpn
ca ca.crt
dh dh.pem
cert server.crt
key server.key
script-security 2
up ‘ovpn-up 2 server’
down ‘ovpn-down 2 server’
status-version 2
status status 5

# Custom Configuration
sndbuf 524288
rcvbuf 524288
push “sndbuf 524288”
push “rcvbuf 524288”

I dont see anything there…

Screen shots of Asus



image
image752×362 14.8 KB





image
image756×767 24.7 KB



And Finally the log from the router as the VPN connects

Jul 5 19:23:33 ovpn-server2[19849]: client/120.16.87.159:1379 MULTI_sva: pool returned IPv4=10.16.0.2, IPv6=(Not enabled)
Jul 5 19:23:33 ovpn-server2[19849]: client/120.16.87.159:1379 MULTI: Learn: 10.16.0.2 → client/120.16.87.159:1379
Jul 5 19:23:33 ovpn-server2[19849]: client/120.16.87.159:1379 MULTI: primary virtual IP for client/120.16.87.159:1379: 10.16.0.2
Jul 5 19:23:33 ovpn-server2[19849]: client/120.16.87.159:1379 Data Channel: using negotiated cipher ‘AES-128-GCM’
Jul 5 19:23:33 ovpn-server2[19849]: client/120.16.87.159:1379 Outgoing Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Jul 5 19:23:33 ovpn-server2[19849]: client/120.16.87.159:1379 Incoming Data Channel: Cipher ‘AES-128-GCM’ initialized with 128 bit key
Jul 5 19:23:33 ovpn-server2[19849]: client/120.16.87.159:1379 SENT CONTROL [client]: ‘PUSH_REPLY,route 192.168.0.0 255.255.255.0 vpn_gateway 500,dhcp-option DNS 192.168.0.1,sndbuf 524288,rcvbuf 524288,route-gateway 10.16.0.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.16.0.2 255.255.255.0,peer-id 0,cipher AES-128-GCM’ (status=1)
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top