Connecting two Asus routers (One Client and One Server)

[MonkeyB]

Hello Everyone,

I have 2 Asus Routers (A & B). Both running Merlin Firmware.

Router A (Located in India):
- I have set up a OpenVpn Server.
- Successfully connecting to it via OpenVpn software on Laptop and Phone all over the world.

Router B (Located in US):
- Trying to make this as a VPN Client and define policy rules to specify which devices need to access VPN.
- I have used VPN Client successfully on PureVpn and other providers in the past by following specific instructions.
- But when I am using the .opvn file generated by Router A. I get the following status: "Connected (Local: 10.8.0.2 - Public: unknown)"
- All internet goes down unless I switch the client off.

I have not touched a single setting on the server side while generating the Opvn or Cert file. And it works flawlessly on Phone and Laptops. What am I doing wrong?

Apologies if this question was answered in a different tread. If yes, Please point me towards it. I did see something about setting a Bi-Directional VPN and there was so much information that I got confused.

Thank you so much for your time.

 

[eibgrad]

The devil is in the details in a case like this. And since we have no details, it's difficult to guess what the problem may be.

Is this OpenVPN server configured *solely* for the purposes of providing internet access to its OpenVPN clients, whether it's the router or mobile devices? Or does it provide access to the IP network behind the OpenVPN server as well? And if so, does that work correctly?

Did you NAT the tunnel?

Mobile devices do this automatically, but when configuring your own OpenVPN client and server, it's possible (even desirable) to NOT NAT the tunnel if the server is properly configured w/ a static route that points to the OpenVPN client's local network as being accessible over the tunnel. But that assumes the two sides of the tunnel are using *different* IP networks.

Also, what precisely does *all* internet goes down mean? Does that include the router itself (e.g., you can't even ssh to the router and ping a public IP, say 8.8.8.8)? Or does that work, but only all the local LAN clients bound through Routing Policy lose internet access?

 

[MonkeyB]

@eibgrad , Thank you very much for your response. I am not a very tech person when it comes to networking, hence I missed all the points you had mentioned.

The OpenVpn was set up to provide access to the IP Network of the router. I use it to unlock VOIP restrictions and also access Geo Restricted content. It is working extremely well (on mobile devices) and I see that the IP address reflects the IP of the Server.

I see that the NAT is enabled on the Client router settings. I will try disabling this.

Only Local LAN clients bound through Routing policies lost internet access. I am able to access the router and rest of the machines normally.

Please let me know if I had missed anything you had asked.

 

[MonkeyB]

@eibgrad , after disabling the NAT. The VPN started working for some time.

After an hour. I tried enabling the VPN but it gave me the same issue again. Meaning all the clients defined in the policy rules stopped getting internet (web) access.

Upon resetting the entire router and setting the client again, It is working. Hopefully it was some bug that is no longer there. I shall seek your advice if this keeps repeating.

Thank you so much for your help so far.

 

[here1310]

please read Setting up VPN server - DDNS (DNS-Omatic) not working | SmallNetBuilder Forums (snbforums.com)