Strange IP DCHP adress at Wifi connections (openvpn active , FW 386.7-2 , RT-AC 86U)

mister

Regular Contributor
Dear all,
I've also recently noticed some odd behavior from my RT-AC86U (Merlin 386.7-2) and maybe someone else has noticed this as well or has a solution.

My DCHP network has the configuration 192.168.111.0/24 and there are 2 openvpn servers and openvpn 1, 4 and 5 active, each configured via the policies (VPN Director).

This also normally works without any problems. Now I recently had an internet outage and all connections were lost. At first I thought it was the VPN and I wanted to log in to my RT 86U with the IP using my cell phone via WLAN. But that didn't work. The IP address of my router was not found even though it was connected to the WIFI.

Under Status of Cell Phone I found that it was assigned a 10.XX.XX.XX IP address.

I was able to properly log into the router via LAN on the computer. A correct IP from the 192.168.111.0 range was assigned to the mobile phone according to the WebUI of the 86U.


I don't work with 10.XX.XX.XX. networks, only the OpenVPN clients have such a network when they are connected. But I find it strange why I suddenly have such an IP locally on my cell phone and can no longer access the router. Rebooting the RT-AC didn't help. By the way, it doesn't just affect a cell phone, but apparently all devices that are connected via WIFI.
LAN devices display the correct IP and can access the router's WEBUI.
Has anyone observed anything similar?
 

mister

Regular Contributor
In addition: That doesn´t mean, that it is related to the last Version of merlins firmware, but I personally firstly observed this issue.

Thanks a lot for some hints.

Hugo
 

eibgrad

Part of the Furniture
There's no way the router could suddenly be using the 10.x.x.x network when it was never configured for it. Sounds to me more like a case of perhaps being connected to some *other* SSID that happens to be the same as yours and perhaps Open. Perhaps even intentionally to redirect unsuspecting devices in hopes of capturing credentials or whatever. I'm esp. suspicious becase it does NOT affect wired devices.
 

RMerlin

Asuswrt-Merlin dev
Check if you aren`t using any VPN on your cell.

It could also be your mobile provider that's using NAT for their mobile Internet service, when connected to 4G/LTE.
 

mister

Regular Contributor
Dear all, thanks a lot for your ideas. A VPN on my cell phone I don´t use. I made some tests:
1. Connection of my mobile via mobile data and OPENVPN to the asus router works without problems
2. I am using Bullett VPN --> it seems to make differences which server I am using. At some servers the problem (10er IP) occurs, at some servers not. Could the different Bullett VPN Servers pull different configuration that are affecting this behaviour?
3. @eibgrad: Hopefully I don´t have a man in the middle ... I have a very strong password as WIFI. CUrrently no unknown device is visible.......

Thanks again for your hints.
 

mister

Regular Contributor
Dear all,
after I firstly thought , I would have found the reason for this strange behavior (Access Point) - it is not the case.
I switched off my access point and connected to my RT-AC86 U via Wifi.

We've had occasional power outages lately. The electricity is usually back before the internet. The DSLAM takes a long time, so the RTAC86 U has already booted up for several minutes, but has no internet connection.

As I said, we've had this problem with outages from time to time - the last time was about 4 months ago. My Samsung smartphone showed the WIFI connection with the "!" after the electricity came back (internet was offline) , but I could access all LAN devices via IP. For example, I could control my HUE devices with the HUE app.

This is no longer the case. I've attached a screenshot of what I can see.

The problem will be solved immediately as soon as the internet is back. Then I get an IP from my 192.168.111.0/24 address range again without any problems (after VPN Client connection was re-established). As described, it is strange that LAN devices are assigned the correct IP.

What I want to test in the near future:

OpenVPN 1, 4 and 5 clients are currently starting up automatically when they start: What happens if the Internet is gone and I don't start the clients automatically? Will I get an IP from the 192.X range or from the 10.X range?

I installed the following addons: x3routing and Yazfi. What happens if I disable this?


Does anyone have any other ideas what I could do. Something must be different now than 4 months ago because the router behaved differently.

I would be grateful for any ideas or hints.
Maybe someone could test whether the behavior occurs with themselves?

Thanks in advance
Hugo
 

Attachments

  • Wifi.JPG
    Wifi.JPG
    44.1 KB · Views: 26

sfx2000

Part of the Furniture
It could also be your mobile provider that's using NAT for their mobile Internet service, when connected to 4G/LTE.

For mobile phones (and most modems) - LTE connections are almost always NAT'ed on IPV4...
 

mister

Regular Contributor
For mobile phones (and most modems) - LTE connections are almost always NAT'ed on IPV4...
Thanks a lot for your hint. Do you mean that the 10er IP adress I got is from my mobile LTE provider and not from my Router ? Did I understand that the right way.
If that would be the case, why I was able to access LAN Clients via IP with my mobile and got the "!" in the wifi connection signal of my mobile ? How to force my mobile to get an IP Adress of that range?
 

sfx2000

Part of the Furniture
Thanks a lot for your hint. Do you mean that the 10er IP adress I got is from my mobile LTE provider and not from my Router ? Did I understand that the right way.
If that would be the case, why I was able to access LAN Clients via IP with my mobile and got the "!" in the wifi connection signal of my mobile ? How to force my mobile to get an IP Adress of that range?

Yes, the LTE carrier is assigning the 10dot...

As for your other question - with all the VPN setups you have running with VPN director, review your setups there - additional complexity can introduce routing items like what you've noted.
 

RMerlin

Asuswrt-Merlin dev
with all the VPN setups you have running with VPN director
VPN Director is purely RPDB rules applied on the router however, it wouldn't impact a client's LAN IP.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top