OpenVPN TAP internet access problem

Still puzzling over a TAP connection over Asus routers that doesn't allow internet access. All Merlin. I have two locations.

  1. In the first, I have an AX88, and behind it I'm using an AC56 that has a single device. The AC56 has an OpenVPN TAP server operating, with access set to "both". The device behind the AC56 has internet access.
  2. In the second, I have an AC1900 with an OpenVPN client configuration and a single device.

With port forwarding on the AX88, I have no difficulty establishing a TAP tunnel; the device connected to the AC1900 pulls an IP address from the AC56, and the device can communicate with the device behind the AC56.

I have the AC1900 client set to Exclusive DNS, directing internet traffic over the tunnel. But any device connected to the AC1900 does not get a default gateway and has no internet access, no matter what I specify as the default gateway. In the logs, all route-add instructions fail.

I'm missing something basic in how to get the AC1900 devices internet access over the TAP tunnel. The two devices that connect over this tunnel need TAP, not TUN, to work.

To add complexity, in the second location I also have an AX86Pro, and I have a site-to-site TUN connection between the AX88 and the AX86. I have no difficulty with connections between devices on the AX88 LAN and the AX86 LAN. I have a route on the AX88 that then gives access between the AC56 devices and the AX86 devices. So if I connect a device to the AX86, I can reach the web interface of the AC56; if I connect a device to the AC1900, I need to set a manual IP on the device to see the AC1900 interface.

