OpenVPN: Just can connect the VPN Server but not the clients behind


Scrambler

New Around Here
I'm going crazy. For 2 weeks I have been trying for hours to resolve this problem, and I could not find any helpful information, even though others have a similar problem.
Before all of this my network worked, until I changed my router, set up my NAS anew and updated OpenVPN Connect on my computer. And now even with the old router it does not work anymore.

I have an Asus RT-AX68U router with the Merlin firmware. That is my OpenVPN server. For the configuration, see the attachments.
I want to connect to this OpenVPN server from a Win10 computer with the OpenVPN Connect Client V3 over the internet.
I also want to connect to this OpenVPN server from another Asus router over the internet.

The OpenVPN server has the local IP address 10.11.12.1 255.255.255.0 and I can ping it. But I cannot ping any other device behind the OpenVPN server, especially the NAS.

I'm almost sure there is a problem with the OpenVPN server. It does not push the LAN to the VPN client.

And something else. I just installed the client1.ovpn file in the OpenVPN client. But what about the server_ovpn.cert file? Do I have to use it too? I could not find any information about it.

Thanks for helping. I have a very small business and I have to use my time for more important things. But I'm depending on that NAS. I have to be able to connect to it.
 

Attachments

  • Asus_01.jpg
  • Asus_02.jpg

eibgrad

Very Senior Member
Make sure the OpenVPN Connect app on Win10 has administrative privileges. Accessing any routes pushed by the OpenVPN server requires changing the local routing table in Windows, which is a *privileged* operation.
 

Scrambler

New Around Here
Hi
Thanks for your comment. What does privileged mean? What do I need to do for that?

Also, I figured out something new. I'm only able to ping my printer behind the router. But I can't ping any computer or any NAS.
 

eibgrad

Very Senior Member
Adding routes to Windows requires that you run the OpenVPN Connect app w/ administrative privileges, which means when you start it, you have to right-click it and select the "Run as administrator" option (or else configure its settings to run w/ the same).

But given you now say you can at least ping these devices, that suggests this is NOT the problem, but more likely personal firewalls on the target devices, which is particularly common w/ Windows machines. By default, Windows will NOT allow access by other private networks (in this case, the tunnel, 10.8.0.0/24) unless you make an exception in the firewall. Other devices may have similar default behavior.
 

eibgrad

Very Senior Member
P.S. Sometimes users find it easier to add the following NAT rule to the router's firewall rather than running around trying to reconfigure all their personal firewalls.


The NAT rule *masks* the OpenVPN client's assigned IP w/ the LAN IP of the router, so it appears to the target device the source IP is from its own private network, thus satisfying the requirements of the target's firewall.
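
A masquerade rule of the kind described above, written as an added example that is not eibgrad's own code. It uses the tunnel subnet 10.8.0.0/24 quoted in the thread; the LAN bridge name `br0` and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Masquerade OpenVPN client traffic
# leaving the router towards the LAN, idempotently.
VPN_NET="${VPN_NET:-10.8.0.0/24}"   # tunnel subnet quoted in the thread
LAN_IF="${LAN_IF:-br0}"             # assumption: LAN bridge name, verify with `ip addr`
IPT="${IPT:-iptables}"              # overridable so the logic can be dry-run

# Rule specification shared by the check, insert and delete calls.
# Matching on both source subnet and outbound interface keeps the NAT
# limited to tunnel-to-LAN traffic.
masq_spec() {
    printf '%s' "POSTROUTING -s $VPN_NET -o $LAN_IF -j MASQUERADE"
}

# Insert the rule only when -C (check) reports it absent, so repeated
# firewall restarts do not stack duplicate entries.
masq_add() {
    if $IPT -t nat -C $(masq_spec) 2>/dev/null; then
        echo "present"
    else
        $IPT -t nat -I $(masq_spec) && echo "added"
    fi
}

# Remove every copy of the rule, e.g. once host firewalls allow the tunnel subnet.
masq_del() {
    while $IPT -t nat -C $(masq_spec) 2>/dev/null; do
        $IPT -t nat -D $(masq_spec) || return 1
    done
    echo "removed"
}

# Act only when asked: `sh vpn-masq.sh add` or `sh vpn-masq.sh del`.
case "${1:-}" in
    add) masq_add ;;
    del) masq_del ;;
esac
```

With this rule in place, LAN hosts see and log the router's LAN address instead of each client's tunnel address. Allowing 10.8.0.0/24 in each host firewall instead keeps the per-client source visible.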
 

Scrambler

New Around Here
Hi
I will check it out and implement that small piece of code.
But you have already helped me so much. I figured out what the problem was. You were right. The firewall. All of my computers have a firewall. Also, I newly installed QuFirewall. I did not know that the firewall blocks all those activities.

Thank you very much.
 
