What's new

Can't hit LAN after connecting to OpenVPN Server?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

dreadnought

Occasional Visitor
I'm on a RT-AC87U running Merlin 384.13_10. I enabled the OpenVPN server today with largely default options (with the exception of some suggestions I noticed in this forum) and it was very easy to connect to from my iOS devices. The problem I have is that I can't reach anything on my LAN, which I think is essentially the point of a VPN - so I would be surprised if I have to do something customized to enable this?

For example, my LAN is 192.168.1.0 and the VPN subnet is 10.8.0.0. When my iOS devices connect to OpenVPN and get a 10.8.0.x IP address, they cannot reach (I've tried ping and http) anything on my LAN. I have even tried the following in the OpenVPN "Custom Configuration" but it had no effect (maybe the syntax is wrong):

push "route 192.168.1.0 255.255.255.0"

Am I doing something stupid or is there some sorcery I'm missing for an OpenVPN client to reach things on the OpenVPN server's LAN?
 
I've also noticed that neither the OpenVPN Server or Client seem to start automatically after a reboot, which seems especially strange since I have the option for "Automatic start at boot time" set to yes... and both the Server and Client seem to be running fine after I force them to start after a reboot with the relevant slider.
 
One thing to be careful about here.

It's generally a bad idea to use the all-too-common networks of 192.168.1.0/24, 192.168.0.0/24, etc., for your home network if you intend to establish your own OpenVPN server. The problem is that it is very likely you will eventually be at a location where the local network is also using that same network. And if that's the case, all your references to your home network will be in vain; your client will never route those references over the VPN! Better to use something more obscure for your home network (e.g., 10.99.82.0/24, 172.16.24.0/24).

Whether that is your current problem, I can't say. But if it isn't, one day it likely will become an issue.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top