Menu
What's new
By:
Filters Better Search

RT-N66U OpenVPN - cannot connect to local LAN?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

S

striders

Occasional Visitor
I have previously setup OpenVPN AS server (download straight from OpenVPN.net). Works well with the RT-N66U and I can connect from Android, Windows and Mac machines AND browse the local LAN.

I disabled the OpenVPN AS server and tried to use RT-N66U OpenVPN. Although I can connect to the ASUS OpenVPN server, I cannot browse the local LAN.

Is there anything I need to change in the ASUS OpenVPN configuration to make this work? Below is my setting:

Interface Type: TUN --> No TAP, since Android does not support this
Protocol : UDP
Server Port: Default
Firewall : Auto
Authorization Mode: TLS
Username / Password Auth. Only: NO
Extra HMAC authorization: Disable
VPN Subnet / Netmask: DEFAULT of 10.8.0.0 —> Note that this is different than my LAN IP. I cannot change it to have the same subnet as my LAN since the router will complain about “conflict”

Poll Interval : 0 minutes (disable)
Push LAN to clients: Yes
Direct clients to redirect Internet traffic: No
Respond to DNS: No
Compression : Adaptive
Manage Client-Specific Options: Yes
Allow Client <-> Client: Yes
Allow only specified clients: No
 
USB App > Server Center > Samba

enable 'force as master browser' and 'set as WINNS server'
 
Can you access your Lan by typing in ip addresses of the machines? I think that you cannot browse your Lan using tun, You need to know the ip of your equipment. But I'm still learning so someone else has to confirm :)

Sent from my LG-D802 using Tapatalk
 
Last edited:
sinshiva said:
USB App > Server Center > Samba

enable 'force as master browser' and 'set as WINNS server'
Click to expand...

Err, I don't have a USB drive connected to the router. What I want is access other machines in my LAN, like my Windows box via NetBIOS. This is something I can do locally, but not on the VPN.
 
rodak said:
Can you access your Lan by typing in ip addresses of the machines? I think that you cannot browse your Lan using tun, You need to know the ip of your equipment. But I'm still learning so someone else has to confirm :)

Sent from my LG-D802 using Tapatalk
Click to expand...

No, won't work.

I am just curious what is it with the ASUS implementation of OpenVPN such that TUN will NOT allow remote devices to connect to the LAN and I have to use TAP.

With a true OpenVPN AS server I have, I can connect to the LAN with no problem. All my Android device, with OpenVPN client, can connect just fine and the OpenVPN AS server is on TUN.

So it has to do with ASUS's OpenVPN, but I couldn't figure it out.
 
I'm using TUN, and can access my whole Lan from outside. I'm using the ip addresses, don't think I can use host names but I've actually never tried. So something must be wrong with your setup, works brilliant over here.

Edit: I just followed a guide so I'm far from being an expert. So can't help you resolving this issue. Only thing that come to my mind was about trying with ip.
Good luck, don't give up, this should work :)

Sent from my LG-D802 using Tapatalk
 
Last edited:
rodak said:
I'm using TUN, and can access my whole Lan from outside. I'm using the ip addresses, don't think I can use host names but I've actually never tried. So something must be wrong with your setup, works brilliant over here.

Sent from my LG-D802 using Tapatalk
Click to expand...

Could you kindly take a look at my setup in the 1st post above? That's all I have right now.

I thought it's because the VPN IP address given to the client device is set to a different subnet than what I have for my LAN, but I can't even change the VPN subnet. I get:

Conflict with router's DHCP IP pool xxx.xxx.xxx
 
I also have a different subnet (same as yours) and it works.

Sent from my LG-D802 using Tapatalk
 
Here is my setup, using tun and tcp if that matters.

varygygy.jpg


Sent from my LG-D802 using Tapatalk
 
rodak said:
I also have a different subnet (same as yours) and it works.

Sent from my LG-D802 using Tapatalk
Click to expand...

OK, rebooted the router.

I just tested connecting from a Mac (with TunnelBlick) to the OpenVPN server, then map the network (i.e. smb://192.168.1.xxx) and now it works.

HOWEVER, Android won't work. Have you tried connecting from Android?
 
Maybe some settings on your Android profile that mismatch?

Edit: sorry about triple post, should have edited my post.

Sent from my LG-D802 using Tapatalk
 
rodak said:
Maybe some settings on your Android profile that mismatch?

Edit: sorry about triple post, should have edited my post.

Sent from my LG-D802 using Tapatalk
Click to expand...

Nothing is manually configured for the Android profile. This is what I did, which work with OpenVPN AS server (not ASUS's) but now for the ASUS OpenVPN:

1). Download and install Android OpenVPN from Google Play

2). From ASUS router, "Export" the configuration to a file --> file.ovpn

3). Open Android OpenVPN and import the configuration file

4). Connect from Android.

No custom manual configuration needed.

Did the same step with the *.ovpn file from OpenVPN AS server, works.

Oh, can you connect to the local LAN to the ASUS OpenVPN from your LG phone? I.e. using ES Explorer (or whatever file explorer you use), connect to your desktop/laptop drive or folder.
 
striders said:
.

Oh, can you connect to the local LAN to the ASUS OpenVPN from your LG phone? I.e. using ES Explorer (or whatever file explorer you use), connect to your desktop/laptop drive or folder.
Click to expand...

Yes, see screenshot above, connected to my set-top box samba share with solid Explorer, can connect to all my equipment, rpi, boxee, all routers, just everything. Like I was connected to my local Lan.


Sent from my LG-D802 using Tapatalk
 
striders said:
Err, I don't have a USB drive connected to the router. What I want is access other machines in my LAN, like my Windows box via NetBIOS. This is something I can do locally, but not on the VPN.
Click to expand...

i didn't say anything about connecting a drive
 
rodak said:
Yes, see screenshot above, connected to my set-top box samba share with solid Explorer, can connect to all my equipment, rpi, boxee, all routers, just everything. Like I was connected to my local Lan.


Sent from my LG-D802 using Tapatalk
Click to expand...

Sorry, missed that screenshot while I was replying to your post.

But I figured out the problem: Windows Firewall will NOT allow access connection from ASUS VPN-ed device. The moment I turned off Windows Firewall, I can ping, connect to local hard drive, etc.

I have enabled File and Printer sharing and allow port 445 for years (that's why connecting from OpenVPN AS works), so not sure what is Windows Firewall seeing or what changed with ASUS OpenVPN implementation.

I am falling back to the OpenVPN AS implementation for now, since I don't want to disable Windows Firewall just for this.
 
You must log in or register to reply here.

Similar threads

M
OpenVPN clients cannot connect to LAN computers.
Replies
0
Views
161
MNBob
M
M
OpenVPN / site to site with special security/routing constraints
Replies
7
Views
363
elorimer
E
E
OpenVpn
Replies
11
Views
422
enrico
E
P
Connect OpenVPN server with Client networks
Replies
3
Views
639
L&LD
L&LD
J
Reverse internet access through Asus-Merlin OpenVPN client.
Replies
0
Views
465
Johnco2
J
Similar threads
Thread starter Title Forum Replies Date
C Asus Merlin Router / OpenVPN client / Port forwards how? Routers 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 819 (members: 26, guests: 793)
Top