OpenVpn help

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

macster2075

Senior Member
Hi,
Trying to setup OpenVpn and need some help. So far I have set it up and downloaded the OpenVpn app on my iPhone XR installed the config file. I can connect to the vpn as long as I am on Wifi, but not if I get on phone data.
Not sure what I am missing. I have tried selecting Internet Only and Both, but I still cannot connect on data. Anything else I need to do?

I am only needing to set this up to connect to my network when I am traveling outside in order to view my cameras. I've also heard I can also do this using DDNS..but not sure what to do.
Which one is easier to configure? - I would like security, but also ease of use.
 

eibgrad

Very Senior Member
You need to be more precise. You can connect to the VPN but you can't access LAN devices, OR, you can't connect to the VPN at all? Because if it's the latter, one possibility is you don't have a *public* IP on your WAN, but a private one. One way to know for sure is if the following link reporting your public IP is NOT the same as defined on your WAN (see home page).


The only purpose of DDNS is to update a hostname you control, w/ your current WAN ip, so you can reliably use the hostname to remotely access your home network, whether that's your OpenVPN server, or other services port forwarded over the WAN. DDNS in and of itself does NOT provide remote access, or compete w/ OpenVPN, or any other VPN.
 
Last edited:

Tech9

Very Senior Member
I would like security, but also ease of use.

Most ISPs assign dynamic external IPs and we need to track the changes in order to connect back to our networks from Internet. This is what Dynamic DNS service is used for. Asuswrt has built-in free DDNS service in WAN section. I'm surprised you can connect to your VPN Server from inside your LAN, but some sort of NAT loopback could be running there. Anyway, you need DDNS service and eventually port forwarding on the Internet facing router (when ISP device is a modem/router), if it's not your Asus router itself (when ISP device is a modem only). I don't know what your setup looks like. Hopefully you don't have to deal with ISPs assigning private IPs.

@eibgrad is the local VPN guy. If he can't help you, no one else can. :)
 
Last edited:

macster2075

Senior Member
You need to be more precise. You can connect to the VPN but you can't access LAN devices, OR, you can't connect to the VPN at all? Because if it's the latter, one possibility is you don't have a *public* IP on your WAN, but a private one. One way to know for sure is if the following link reporting your public IP is NOT the same as defined on your WAN (see home page).


The only purpose of DDNS is to update a hostname you control, w/ your current WAN ip, so you can reliably use the hostname to remotely access your home network, whether that's your OpenVPN server, or other services port forwarded over the WAN. DDNS in and of itself does NOT provide remote access, or compete w/ OpenVPN, or any other VPN.
What I mean by I can connect.. I just meant the OpenVpn app on the iPhone gets connected...but only while connected to my wifi... I cannot get the app to connect while on phone data. Not sure if that makes sense lol. - I want to be able to connect to my network when I am outside LAN and I was told instead of opening ports on the router, it's better to use the VPN to do that as it's more secure..but, I don't know much about that, which is why I need some help :)

When I click on that link, I can see my IP address with 3 green dots at the bottom. Also, I am using DDNS to update OpenDns with my IP... which is why I was confused when someone told me I can set DDNS to connect to my router from outside.. I didn't know DDNS could be used for that, but now I know that's not the purpose of it.
 

Tech9

Very Senior Member
What's the external IP address shown in your router's GUI, public or private range?

Private IP address ranges:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
 

Tech9

Very Senior Member
Can you place your router's WAN IP address in DMZ (in order to skip port forwarding)? Look for DMZ Host settings.
 

macster2075

Senior Member
hmm.. this is a Actiontec. T3260 So far I don't see an option for DMZ host settings in there.. Im going to try searching online to see if it's even an option.
 

macster2075

Senior Member
yup.. I was just about to post I had found it online haha...so in there I just simply enter the IP address of the router.. the one showing in GUI?

1634087377661.png
 

Tech9

Very Senior Member
Yes, this will save you port forwarding to this specific IP address (your router). You can assign a static IP for it, so it doesn't change. No timer.

Now, do you have DDNS service already set and running?
 

Tech9

Very Senior Member
Rename the file to .txt and open it. Look for this line:

remote [your ddns] [server port]

Does it sound right for your OpenVPN server settings?
 

Tech9

Very Senior Member
OK, replace the IP address with your DDNS hostname, leave the server port as it is. Dont change anything else. Save the file, rename it back to .ovpn, upload it to your OpenVPN App and try to connect with the phone on Data (not Wi-Fi).
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top