Cannot open router ui when connected to router via vpn

[joeejo]

I have set up a vpn server on my asus RT-AX86U PRO using merlin 3006.102.4 using guides found here and at asus for the purpose of accessing the router UI from the intenet. I am able to connect to the router via the vpn server from the internet and I am able to ping the router, however when I attempt to access www.asusrouter.com it fails. I have also changed the vpn network to 10.9.8.0 although the routers lan is 192.168.2.0, so there is no overlap. I confirmed that the toggle is set to "both" (lan & internet). I also tried setting the vpn to different ports. In each case when I connect the vpn assignes me 10.9.8.2 and I can ping the router 10.9.8.1 but cannot access the router ui.

If I connect to the vpn server while my pc is on the same lan, I am also able to ping the router (10.9.8.1), indicating I have conected, and I AM able to access the UI at www.asusrouter.com, however the same connection on the same PC outside my lan fails to load the web ui.

I am using openvpn connect as a client from a laptop.

Can anyone suggest what I might have missed or done wrong? Since I can ping the router, I think I have the vpn set up properly, and I feel I am close, but obviously I have something wrong.

Thank you

 

[ColinTaylor]

Sounds like a DNS issue. Don't use www.asusrouter.com use the router's LAN IP address instead (192.168.2.1).

 

[joeejo]

Sounds like a DNS issue. Don't use www.asusrouter.com use the router's LAN IP address instead (192.168.2.1).

Thank you for your reply. That helped some, however using the lan IP the browser connects but the page is just a blank. Is there something I must set to allow the ui over the vpn?

 

[joeejo]

Here is the router log

May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=ASUS, OU=Home/Office, CN=RT-AX86U_PRO, emailAddress=me@asusrouter.lan
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=ASUS, OU=Home/Office, CN=client, emailAddress=me@asusrouter.lan
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_VER=3.11.2_dev
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_PLAT=win
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_NCP=2
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_TCPNL=1
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_PROTO=8094
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_MTU=1600
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_CIPHERS=AES-128-CBC:AES-192-CBC:AES-256-CBC:AES-128-GCM:AES-192-GCM:AES-256-GCM:CHACHA20-POLY1305
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_AUTO_SESS=1
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_GUI_VER=OCWindows_3.7.2-4253
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_SSO=webauth,crtext
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 peer info: IV_BS64DL=1
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 PLUGIN_CALL: POST /usr/lib/openvpn-plugin-auth-pam.so/PLUGIN_AUTH_USER_PASS_VERIFY status=0
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 TLS: Username/Password authentication succeeded for username 'joe'
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 TLS: tls_multi_process: initial untrusted session promoted to trusted
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 1024 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
May 28 22:16:24 Ranch ovpn-server1[30170]: 172.59.130.145:1335 [client] Peer Connection Initiated with [AF_INET]172.59.130.145:1335 (via [AF_INET]67.7.66.44%eth0)
May 28 22:16:24 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 MULTI_sva: pool returned IPv4=10.9.8.2, IPv6=(Not enabled)
May 28 22:16:24 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 MULTI: Learn: 10.9.8.2 -> client/172.59.130.145:1335
May 28 22:16:24 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 MULTI: primary virtual IP for client/172.59.130.145:1335: 10.9.8.2
May 28 22:16:24 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 SENT CONTROL [client]: 'PUSH_REPLY,route 192.168.2.0 255.255.255.0 vpn_gateway 500,redirect-gateway def1,route-gateway 10.9.8.1,topology subnet,ping 15,ping-restart 60,ifconfig 10.9.8.2 255.255.255.0,peer-id 0,cipher AES-256-GCM,protocol-flags cc-exit tls-ekm dyn-tls-crypt,tun-mtu 1500' (status=1)
May 28 22:16:24 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 PUSH: Received control message: 'PUSH_REQUEST'
May 28 22:16:25 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 Data Channel: cipher 'AES-256-GCM', peer-id: 0
May 28 22:16:25 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 Timers: ping 15, ping-restart 120
May 28 22:16:25 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 Protocol options: protocol-flags cc-exit tls-ekm dyn-tls-crypt
May 28 22:16:25 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 IP packet with unknown IP version=0 seen
May 28 22:16:49 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 Delayed exit in 5 seconds
May 28 22:16:55 Ranch ovpn-server1[30170]: client/172.59.130.145:1335 SIGTERM[soft,delayed-exit] received, client-instance exiting