Menu
What's new
By:
Filters Better Search

No access to LAN with OpenVPN

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

jorge

jorge

New Around Here
Hi,

I have setup OpenVPN on my Asus Router with the latest Merlin FW.
I can connect to with my iPhone/iPad/Windows Laptop to the OpenVPN server. However, accessing resources on the local LAN does not succeed. I have gone through everything multiple times and I'm unable to find what is wrong.

My OpenVPN CONFIG
=================
# Automatically generated configuration
daemon
topology subnet
server X.Y.2.0 255.255.255.0
proto tcp-server
port 2195
dev tun21
ncp-ciphers AES-256-CBC
auth SHA512
compress lz4
keepalive 15 60
verb 3
push "route X.Y.1.0 255.255.255.0 vpn_gateway 500"
duplicate-cn
push "dhcp-option DNS X.Y.1.1"
tls-auth static.key 0
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status 5

# Custom Configuration
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
cipher AES-256-CBC
persist-tun
persist-key
client-config-dir /jffs/openvpn/ccd1
ccd-exclusive
=================

Anyone have any ideas?

Thanks
Jorge
 
What services are you trying to access?

Keep in mind you are using a tun connection so anything that uses broadcast/multicast messages to discover devices won’t work (you would need a tap connection for that, which is not supported on iDevices but would be on a Mac).

Have you tried a simple ping of something you know responds to ping?


Sent from my iPhone using Tapatalk
 
JDB said:
What services are you trying to access?

Keep in mind you are using a tun connection so anything that uses broadcast/multicast messages to discover devices won’t work (you would need a tap connection for that, which is not supported on iDevices but would be on a Mac).

Have you tried a simple ping of something you know responds to ping?


Sent from my iPhone using Tapatalk
Click to expand...

I trying to access HTTP/HTTPS services
PING from my iPhone to an internal resource when having a VPN session fails
 
jorge said:
Hi,

I have setup OpenVPN on my Asus Router with the latest Merlin FW.
I can connect to with my iPhone/iPad/Windows Laptop to the OpenVPN server. However, accessing resources on the local LAN does not succeed. I have gone through everything multiple times and I'm unable to find what is wrong.

My OpenVPN CONFIG
=================
# Automatically generated configuration
daemon
topology subnet
server X.Y.2.0 255.255.255.0
proto tcp-server
port 2195
dev tun21
ncp-ciphers AES-256-CBC
auth SHA512
compress lz4
keepalive 15 60
verb 3
push "route X.Y.1.0 255.255.255.0 vpn_gateway 500"
duplicate-cn
push "dhcp-option DNS X.Y.1.1"
tls-auth static.key 0
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status 5

# Custom Configuration
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
cipher AES-256-CBC
persist-tun
persist-key
client-config-dir /jffs/openvpn/ccd1
ccd-exclusive
=================

Anyone have any ideas?

Thanks
Jorge
Click to expand...
Hi Jorge,

Sound's like a routing issue.

You stated you can connect to your server, but can you also browse the internet on your server?

Also, best practices for troubleshooting openvpn is to build out your config small and gradually add item's till you find the culprit.

Anyway, here's a resource link to help you out.

https://superuser.com/questions/537...access-machines-on-same-lan-as-openvpn-server

Oh, almost forgot. Remove the VPN gateway from your config, and add a static route to your router.

Sent from my LG-H830 using Tapatalk
 
Are you trying to access the internal device by its IP address, 192.168..... or by a local hostname?

In the Advanced Server settings, that block of 4 settings beginning with Push LAN to clients, are they all set to Yes?
 
You must log in or register to reply here.

Similar threads

D
ASUS RT-AX86U OpenVPN Server Error - Key Too Small
Replies
4
Views
261
Tech9
Tech9
C
Can someone help in why this OpenVPN config doesn't work with merlin?
Replies
7
Views
1K
ComputerSteve
C
B
OpenVPN TLS Error: tls-crypt unwrapping failed
Replies
1
Views
2K
brzvlg
B
N
Solved Unable to connect to VPN server with self-signed certificate
Replies
0
Views
432
nino_070
N
T
OpenVPN Bandwidth tweaking
Replies
8
Views
880
L&LD
L&LD
Similar threads
Thread starter Title Forum Replies Date
O Asus Router OpenVPN Server Can't Access LAN Asuswrt-Merlin 2
G RESOLVED: Lost access to WebUI from LAN, SSH is working Asuswrt-Merlin 1
N Connecting an ax58u to a BT homehub 5, via a lan port, and not getting internet access. Asuswrt-Merlin 3
D GT-AX6000 - 3004_388.6_0 - Wireguard client - No Access to Servers local LAN Asuswrt-Merlin 5
J Restrict access to LAN devices from VPN connection? Asuswrt-Merlin 2
L Is someone trying to access my router? Asuswrt-Merlin 3
P Openvpn internet access Asuswrt-Merlin 0
E OpenVPN TAP internet access problem Asuswrt-Merlin 0
S Prevent client from connecting to router but allow connection to internet via access point Asuswrt-Merlin 4
K Have global ipv6 address but unable to access internet over ipv6 Asuswrt-Merlin 39

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 605 (members: 15, guests: 590)
Top