Connected to OpenVPN server on RT-AC86U - no internet connection

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Fuze

Occasional Visitor
Hi,

I'm trying to set up a VPN server on my RT-AC86U, but I can't get an internet connection. Already reset my router, but with fresh setup still the same problem. I think it might be a DNS problem, but don't know for sure. I'm not able to ping either 8.8.8.8 or google.com.

OpenVPN server config

# Automatically generated configuration
daemon ovpn-server1
topology subnet
server 172.16.4.0 255.255.255.0
proto udp
port 1194
dev tun21
txqueuelen 1000
ncp-disable
cipher AES-256-GCM
auth SHA256
compress lz4-v2
keepalive 15 60
verb 3
push "route 192.168.2.0 255.255.255.0 vpn_gateway 500"
duplicate-cn
push "dhcp-option DNS 192.168.2.1"
push "redirect-gateway def1"
plugin /usr/lib/openvpn-plugin-auth-pam.so openvpn
verify-client-cert none
username-as-common-name
ca ca.crt
dh dh.pem
cert server.crt
key server.key
script-security 2
up updown.sh
down updown.sh
status-version 2
status status 5
Client config

client
dev tun
proto udp
remote mydns.ddns.net 1194
float
cipher AES-256-GCM
auth SHA256
compress lz4-v2
keepalive 15 60
auth-user-pass
remote-cert-tls server
<ca>
-----BEGIN CERTIFICATE-----
MIIETzCCAzegAwIBAgIUZkqasA3I+hbExRn1CLlGMidahoVowDQYJKoZIhvcNAQEF
....
-----END CERTIFICATE-----
</ca>
resolv-retry infinite
nobind

Maybe you network specialists could help to set it up correctly :) Thank you
 

Attachments

  • 2020-06-28_11-51.png
    2020-06-28_11-51.png
    348.5 KB · Views: 89
  • 2020-06-28_11-50.png
    2020-06-28_11-50.png
    219.1 KB · Views: 88
  • 2020-06-28_13-47_1.png
    2020-06-28_13-47_1.png
    129.5 KB · Views: 71
  • 2020-06-28_13-47.png
    2020-06-28_13-47.png
    340.3 KB · Views: 92
Last edited:

elorimer

Very Senior Member
A lot going on there. But first, do you get an internet connection from the LAN through the router itself? The router is set up with a LAN address in the 192.168.1.x range, and your WAN address is a static address in the same range.

EDIT: Never mind. I completely misread the OP before the edit.
 
Last edited:

Fuze

Occasional Visitor
I'm getting internet access with all my devices connected to the router. Oh of course the router LAN IP is 192.168.2.1 and the WAN IP is 192.168.1.253.
 

bbunge

Part of the Furniture
Looks like you have a double NAT setup? Did you port forward the first router? What client are you using?
 

Fuze

Occasional Visitor
I've deactivated NAT at the 86U and the 1194 is forwarded to the 86U. I'm using a ubuntu openvpn client.
 

CaptainSTX

Part of the Furniture
My suggestion in order to simplify the trouble shooting is temporarily eliminate the double NAT and get the VPN server running on the router with both LAN and internet access.

Once you have that working go back to your double NAT and start working on getting the port forwards necessary working.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top