What's new

Remote access for a router with activated VPN client?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

nico_ar

Occasional Visitor
Hi
I am a newbie and I hope you will not consider my question silly. Is there a possibility to remotely access, via web interface, an Asus Router (RT-AC66U running official SW) after it was connected to a remote VPN server?
DDNS links the router's IP without VPN client activated, right? Is it possible to force the linking of the new assigned remote IP to asuscomm.com DDNS server?
I left home forgetting to deactivate the VPN client connection and there was no way to reach my router anymore...
Thank you very much!
 
Hi
I am a newbie and I hope you will not consider my question silly. Is there a possibility to remotely access, via web interface, an Asus Router (RT-AC66U running official SW) after it was connected to a remote VPN server?
DDNS links the router's IP without VPN client activated, right? Is it possible to force the linking of the new assigned remote IP to asuscomm.com DDNS server?
I left home forgetting to deactivate the VPN client connection and there was no way to reach my router anymore...
Thank you very much!

Firstly, try to avoid accessing your router through WAN. It is more secure to use a Open VPN server.

Unfortunately, the answer is no.
It is correct that the DDNS in router GUI is linked to WAN.

However, when you get home, there are ways to prevent this from occuring again. Either by using port forwarding or by using Open VPN server through Open VPN Client.
Both require Asus Merlin firmware though.
 
RT-AC66U running official SW

You need to exclude router's IP from VPN. It can be done using Policy Rules in OpenVPN Client, Asuswrt-Merlin firmware. You did not specify what model your RT-AC66U is, the original A1 (MIPS CPU) or the new B1 (ARM CPU). Not sure if the final 380.70 firmware for A1 routers offers Policy Rules though.
 
You need to exclude router's IP from VPN. It can be done using Policy Rules in OpenVPN Client, Asuswrt-Merlin firmware. You did not specify what model your RT-AC66U is, the original A1 (MIPS CPU) or the new B1 (ARM CPU). Not sure if the final 380.70 firmware for A1 routers offers Policy Rules though.


Thank you very much! I do not know what kind of HW my router has, all I can tell you is that it runs 3.0.0.4.382_51640 SW. How could I exclude the router's IP from VPN routing? Editing the ovpn file ? Flashing the router? Using a two router configuration?
 
Firstly, try to avoid accessing your router through WAN. It is more secure to use a Open VPN server.

Unfortunately, the answer is no.
It is correct that the DDNS in router GUI is linked to WAN.

However, when you get home, there are ways to prevent this from occuring again. Either by using port forwarding or by using Open VPN server through Open VPN Client.
Both require Asus Merlin firmware though.

Thank you very much! Could I avoid the flashing of the router if I build a two router setup configuration? One for VPN client, the other for WAN?
 
Thank you very much! I do not know what kind of HW my router has, all I can tell you is that it runs 3.0.0.4.382_51640 SW. How could I exclude the router's IP from VPN routing? Editing the ovpn file ? Flashing the router? Using a two router configuration?

If you have two USB 2.0 on the back of the router it is a RT-AC66U MIPS router (the old one from 2012).

Thank you very much! Could I avoid the flashing of the router if I build a two router setup configuration? One for VPN client, the other for WAN?

That seems even more complicated, I would say. I have never done that and can unfortunately not give you advice for such a solution.

Flashing to Johns fork is quite easy as well as setting up Policy Rules.

Edit: Why have you started two threads about this topic?
https://www.snbforums.com/threads/vpn-service-just-for-selected-devices-possible.58336/#post-513503
 
Could I avoid the flashing of the router if I build a two router setup configuration?

Yes, you can and it's a common easy setup. First router feeds WAN only clients, second VPN clients only. Second router has to be in DMZ on the first one to avoid Double NAT complications. You won't have a link between the two networks, though. I don't know why you are so scared to flash the router. Everything you need is possible on one router only, just the right firmware has to be used.
 
to add to this i have a vpn client running on my asus router begind cgnat to my remote router over openvpn.

the interesting thing is it correctly gets a 10.9.0.2 address and i can ssh into the router via this address but i CANNOT connect via the address to the web interface.. what setup component am i missing thanks...
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top