[SOLVED] Questions on OpenVPN and AsusWRT
I have problems sharing a usb disk with Samba over OpenVPN
local sharing works flawlessly, but I cannot access disk when using OpenVPN with TUN interface
I have left all the default values, just activated OpenVPN + created certificate
Disk is in the same workgroup as all the other pc and firewall of pc using OpenVPN has been deactivated
Router is using 192.168.2.1 /255.255.255.0
OpenVPN 10.8.0.1 / 255.255.255.0
When I connect with a different pc (connected with cellular data connection) I can see OpenVPN is connected, I can ping 10.8.0.1 but I can't see any folder using Start/Computer/Network
if I try to open Start/Run and type
\\10.8.0.1
or
\\Shared01
or
\\10.8.0.1\Shared01
I get an error message "Network path was not found"
I have tried also manually mapping network drive with no success
Reading on the forum there was a discussion in which Merlin told, in order to make network browse possible, you have to use TAP interface instead of TUN
by doing so it worked and I can also see the other pc locally connected and the usb drive
now my questions:
1) why it doesn't work with TUN interface ?
2) From the pc on OpenVPN I was able to see the locally connected pc and it's something that concerned me a little bit.
I need just to share my usb disk and would like to keep all the pc hidden/separated, is it possible ?
3) What's the difference, security-wise, between TUN and TAP ?
4) Since my purpose is only file sharing (no remote desktop or else) what would be the best choice between TUN/TAP and UDP/TCP ?
5) If router is restarted I have a new router IP and certificate does not work anymore.
I have to modify certificate or recreate another one and copy on the pc, but this is not always possible (thinking for instance if electricity goes out and I am outside so I cannot connect anymore until I return back home).
Is there a way to create a certificate with dynamically assigned ip (sort of like when using DDNS) ?
6) If I deactivate VPN I notice that my local pc connected via ethernet to router cannot browse anymore.
Even trying to access router web interface page brings to a strange message on the screen (something around configuration changed and that to access settings page I should reconnect using wireless).
In order to restore connectivity I have to restart router or unplug/plug ethernet cable.
Is it a bug or is it normal ?
I have problems sharing a usb disk with Samba over OpenVPN
local sharing works flawlessly, but I cannot access disk when using OpenVPN with TUN interface
I have left all the default values, just activated OpenVPN + created certificate
Disk is in the same workgroup as all the other pc and firewall of pc using OpenVPN has been deactivated
Router is using 192.168.2.1 /255.255.255.0
OpenVPN 10.8.0.1 / 255.255.255.0
When I connect with a different pc (connected with cellular data connection) I can see OpenVPN is connected, I can ping 10.8.0.1 but I can't see any folder using Start/Computer/Network
if I try to open Start/Run and type
\\10.8.0.1
or
\\Shared01
or
\\10.8.0.1\Shared01
I get an error message "Network path was not found"
I have tried also manually mapping network drive with no success
Reading on the forum there was a discussion in which Merlin told, in order to make network browse possible, you have to use TAP interface instead of TUN
by doing so it worked and I can also see the other pc locally connected and the usb drive
now my questions:
1) why it doesn't work with TUN interface ?
2) From the pc on OpenVPN I was able to see the locally connected pc and it's something that concerned me a little bit.
I need just to share my usb disk and would like to keep all the pc hidden/separated, is it possible ?
3) What's the difference, security-wise, between TUN and TAP ?
4) Since my purpose is only file sharing (no remote desktop or else) what would be the best choice between TUN/TAP and UDP/TCP ?
5) If router is restarted I have a new router IP and certificate does not work anymore.
I have to modify certificate or recreate another one and copy on the pc, but this is not always possible (thinking for instance if electricity goes out and I am outside so I cannot connect anymore until I return back home).
Is there a way to create a certificate with dynamically assigned ip (sort of like when using DDNS) ?
6) If I deactivate VPN I notice that my local pc connected via ethernet to router cannot browse anymore.
Even trying to access router web interface page brings to a strange message on the screen (something around configuration changed and that to access settings page I should reconnect using wireless).
In order to restore connectivity I have to restart router or unplug/plug ethernet cable.
Is it a bug or is it normal ?
Last edited: