Menu
What's new
By:
Filters Better Search

Simultaneous VPN Server and VPN Client

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Thierry said:
As far as I have understood, I need to set up a solution where the answer from the router won't go through the client VPN but to the WAN.
The problem is that I don't know how to do that in the asus router (web interface or IPTables).
Click to expand...
As the OpenVPN Server (Source Port 1195) is hosted on the router, then exclude the router from the VPN in the Selective Routing GUI

upload_2019-8-30_9-24-53.png
 
Hi all,

I have the same issue as Thierry and I am glad that he found an answer.
If I understand the suggested method, it solves the issue and allows you to access your openVPN server from outside your home.

However I still have an issue regarding ISP privacy, as in your case your OpenVPN Server is not tunneled anymore through the 3rd party VPN provider, and the connection between your OpenVPN Server and your router (the exit point) is therefore not encrypted and can by see by your ISP.
Remote pc <--vpntunenel--> home VPN server <--wan--> ISP

It's still a good tradeoff because all your others devices are still tunnelled through your VPN client, but not your server.

Therefore, is there an additional method to avoid that ?
So far I only see eibgrad's #2 suggestion to have a 3rd party VPN provider that allows port forwarding. (https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1129398)
Other methods such as PBR technically work great but make the server exit connection directly go through the WAN and to the ISP.

Any thought ?
 
Naiora said:
It's still a good tradeoff because all your others devices are still tunnelled through your VPN client, but not your server.

Therefore, is there an additional method to avoid that ?
So far I only see eibgrad's #2 suggestion to have a 3rd party VPN provider that allows port forwarding. (https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1129398)
Other methods such as PBR technically work great but make the server exit connection directly go through the WAN and to the ISP.

Any thought ?
Click to expand...
Hi ,

On my personnal case, I just want to remotly acces to my house through VPN si it works fine with this solution. In case I'd like to use VPN when mobile, I use the VPN apps of my VPN provider.

By the way, having this solution working, I 'm able to have permanent VPN connected for my house, and there, I had few surprised in term of performance. Roughtly, the bandwith I have is divided per 3 when I activate the VPN on the router. The provider answered me that is link to the performance of the router itself, I have also stability issue (radio streaming is cut every 30s), so at the end, that solution is far to be good to me.
Any advice regarding a good VPN provider that works well on ASUS AC68U ?
thanks
Thierry
 
For me the problem is more strange!
I have client connecting to 443 port and server receiving at 1194
Both subnet ips are different .

The fact is that while both server and client on, I can connect remotely to my vpn server!
It does connect (using for example openvpn for Android), but it shows that I'm connected to my public IP (not VPN ip).

I need one of two things:
1 - able to remotely connect to my server (including connecting to lan devices, such as router or mas) via WAN.
2 - able to remotely connect to my server (including to lan devices, router and nas) through my AIRVPN client.

I tried many different configs and solutions and no sucess.
The strange fact is that I can indeed connect to my vpn server but don't have access to any website or lan decide.

Any thoughts? Thanks
 
maghuro said:
For me the problem is more strange!
I have client connecting to 443 port and server receiving at 1194
Both subnet ips are different .

The fact is that while both server and client on, I can connect remotely to my vpn server!
It does connect (using for example openvpn for Android), but it shows that I'm connected to my public IP (not VPN ip).

I need one of two things:
1 - able to remotely connect to my server (including connecting to lan devices, such as router or mas) via WAN.
2 - able to remotely connect to my server (including to lan devices, router and nas) through my AIRVPN client.

I tried many different configs and solutions and no sucess.
The strange fact is that I can indeed connect to my vpn server but don't have access to any website or lan decide.

Any thoughts? Thanks
Click to expand...
Well I managed to get working the option 1, by adding the router IP to wan via policy routes.
And the 2 option? How can I be in my remote device, connecting to router via vpn served, and being connected to the airvpn that router is connected to?
 
Another question is - why is my download shown as upload on bandwidth monitor webpage?
 
maghuro said:
Well I managed to get working the option 1, by adding the router IP to wan via policy routes.
And the 2 option? How can I be in my remote device, connecting to router via vpn served, and being connected to the airvpn that router is connected to?
Click to expand...

Allow pass through according to this guide.
https://www.snbforums.com/threads/openvpn-server-and-client-question.38378/#post-316743
(You will find all information needed in this thread as well)

Do not forget make /jffs/scripts/firewall-start executable.
Code: 
chmod a+rx /jffs/scripts/firewall-start

Then add subnet of VPN-server to go through OpenVPN Client via WebUI, for example 10.8.0.0/24 to go through VPN.
Then reboot your router and test.
 
Salles said:
Allow pass through according to this guide.
https://www.snbforums.com/threads/openvpn-server-and-client-question.38378/#post-316743
(You will find all information needed in this thread as well)

Do not forget make /jffs/scripts/firewall-start executable.
Code: 
chmod a+rx /jffs/scripts/firewall-start

Then add subnet of VPN-server to go through OpenVPN Client via WebUI, for example 10.8.0.0/24 to go through VPN.
Then reboot your router and test.
Click to expand...
Oh my God that's exactly what I need and was looking for! Thanks!!!

Isa that possible to put those commands on a sh file? Including the chmod...
So I can backup the commands and run them if for some reason I have to format the router - so I can't lost them and apply them just by running the script
 
You must log in or register to reply here.

Similar threads

DiOnlyThingINoIsThatIDont
The Asus + Merlin + NordVPN router never disconnects from the internet when NordVPN stops working for a moment.
Replies
4
Views
396
Viktor Jaep
Viktor Jaep
B
VPN + Diversion
Replies
5
Views
533
BaconScout
B
S
VPN director and LAN traffic
Replies
2
Views
369
santhysouk
S
T
WireGuard and Traditional QOS
2
Replies
24
Views
1K
Tomo123
T
C
How can I do this.. Router VPN Client to Server 2
Replies
3
Views
316
ComputerSteve
C
Similar threads
Thread starter Title Forum Replies Date
O Assigned IP address to the WAN interface via VPN director: no internet connection - why? Asuswrt-Merlin 1
A Asus Merlin 388.6_2 VPN-Director Asuswrt-Merlin 5
M VPN FUSION & VPN DIRECTOR Merlin Firmware Asuswrt-Merlin 34
B VPN + Diversion Asuswrt-Merlin 5
S VPN director and LAN traffic Asuswrt-Merlin 2
B Firewall lan - vpn? Asuswrt-Merlin 0
V Two VPN connections from home network at the same time -> problems Asuswrt-Merlin 6
J Correctly using VPN Director? Asuswrt-Merlin 2
L&LD Problem with VPN Director Asuswrt-Merlin 6
C How can I do this.. Router VPN Client to Server 2 Asuswrt-Merlin 3

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 773 (members: 20, guests: 753)
Top