What's new

Asus WRt firmware vpn director not working

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

my other clients are not connected to VPN as well so it did separate them.
An IP subnet of 192.168.50.20/30 will give you a usable range of 192.168.50.20 - 192.168.50.23

Is this what you're looking for?
no, I need 4 IP addresses. what would be the correct number for that?
 
well im just keeping the same subnet mask as everything else no?
Those IPs participating in that particular subnet should have a subnet mask of: 255.255.255.252 -- this is the traditional way for traffic for these IPs to stay within their particular range... for efficiency, routing, optimization sake. You may very well be able to get by with continuing to use 255.255.255.0, but if you run into issues, you can switch to its formal subnet mask.
 
Those IPs participating in that particular subnet should have a subnet mask of: 255.255.255.252 -- this is the traditional way for traffic for these IPs to stay within their particular range... for efficiency, routing, optimization sake. You may very well be able to get by with continuing to use 255.255.255.0, but if you run into issues, you can switch to its formal subnet mask.
how do i make those specific ips stay in that subnet mask ?
which settings do they fall under?
 
Maybe I'm misunderstanding what you're saying. You seem to be saying that the client's network interface should have a subnet mask of 255.255.255.252 even though the local subnet is /24. That's just wrong.
I mean... there's a whole other issue here... to do this right, he's would have to subnet things correctly across the board so there's not an overlap... Right now, there's probably an overlap between his primary /24 and this secondary /30 subnet. That's why I would suggest taking things with a grain of salt depending on how the Asus router will actually handle this. He may be able to get by continuing to use 255.255.255.0, but if the VPN director is a stickler, he may need that .252 for things to end up in their right buckets.
 
I mean... there's a whole other issue here... to do this right, he's would have to subnet things correctly across the board so there's not an overlap... Right now, there's probably an overlap between his primary /24 and this secondary /30 subnet. That's why I would suggest taking things with a grain of salt depending on how the Asus router will actually handle this. He may be able to get by continuing to use 255.255.255.0, but if the VPN director is a stickler, he may need that .252 for things to end up in their right buckets.
You are confusing IP address ranges with subnets. If the local subnet is /24 (which it is) then that's what needs to be set on the client's network interface. A subnet of 192.168.50.20/30 gives two host address (192.168.50.21 and 192.168.50.22), with 192.168.50.20 being the network address and 192.168.50.23 being the broadcast address.
Untitled.pngUntitled2.pngUntitled3.png
 
You are confusing IP address ranges with subnets. If the local subnet is /24 (which it is) then that's what needs to be set on the client's network interface. A subnet of 192.168.50.20/30 gives two host address (192.168.50.21 and 192.168.50.22), with 192.168.50.20 being the network address and 192.168.50.23 being the broadcast address.
View attachment 47206View attachment 47207View attachment 47208
You're absolutely correct... I forgot that the first and last were not usable. So the next viable range to give him at least 4 usable IPs would be:

192.168.50.16/29

giving a usable range of:
192.168.50.17 - 192.168.50.22

subnet:
255.255.255.248
 
You're absolutely correct... I forgot that the first and last were not usable. So the next viable range to give him at least 4 usable IPs would be:

192.168.50.16/29

giving a usable range of:
192.168.50.17 - 192.168.50.22

subnet:
255.255.255.248
You can still use CIDR notation for the VPN routing. My point was that you shouldn't change the subnet mask on the client's network interface. That's not a valid configuration.
 
Hi there! I'm having a similar problem. I just want specific devices to use VPN, but VPN Director isn't working.
screenshot-192.168.1.1_8443-2023.02.06-15_15_37.png


This should be very easy, but somehow my router won't consider these rules. Is there any way to make these rules in command line?
 
Hi there! I'm having a similar problem. I just want specific devices to use VPN, but VPN Director isn't working.
View attachment 47729

This should be very easy, but somehow my router won't consider these rules. Is there any way to make these rules in command line?
When you say VPN Director isn't working, what exactly isn't working? What steps have you taken to test out these settings? Are you able to hook up a laptop or other device to test connectivity through your VPN?
 
When you say VPN Director isn't working, what exactly isn't working? What steps have you taken to test out these settings? Are you able to hook up a laptop or other device to test connectivity through your VPN?
I mean by not working is when I add a policy, a specific device should be using VPN only. When I test IP on that specific device, I get back my WAN IP, not VPN.
 
I mean by not working is when I add a policy, a specific device should be using VPN only. When I test IP on that specific device, I get back my WAN IP, not VPN.
Then you have configured something very wrong.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top