Guest Network to OpenVPN Server

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.


New Around Here
Hello - I wanted to test my OpenVPN setup on multiple devices, so I set them to use the Guest Wifi, and then tried to access the OpenVPN server on the router. After much hair pulling I realized this just doesn't work. In order to test the VPN access I have to go where there is another WiFi network, and VPN in from there. Is this a bug or is it intended to work this way for some reason? It sure would be nice if I could VPN in from the guest network.
Thank you.


Part of the Furniture
You have to VPN 'in' from the internet (WAN) side of your network. Not from the LAN side (which your Guest networks are part of).


Very Senior Member
1. As @L&LD says, your config should have the remote line point to your DDNS address, or your static IP if you have one instead. It should export that way anyway, but I have seen them be wrong.
2. I think it is a good idea to use the local command to have the servers listen only on the WAN interface.

I've found that testing the server from within the network is good for determining the config is working and while you are fiddling with settings or setting up multiple devices, but best is to test from where you want to use it. Also why having both servers running is a good idea.


New Around Here
You have to VPN 'in' from the internet (WAN) side of your network. Not from the LAN side (which your Guest networks are part of).
I understand what you are saying, and this is the issue I am bringing up. I don't understand why this needs to be a "have to". I've used DD-WRT routers in the past with which this kind of looped back access worked fine. The only reason to use the Guest network specifically, because it easily proves the function of getting to my private LAN addresses, which the Guest network does not normally have access to. Very convenient, and I think it would be a welcome addition to the firmware.

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!