VPN Confusion

[Lloyd Cox]

I just bought the Asus RT-AC5300 and want to setup VPN. I read a lot of great things about Merlin and installed that firmware today. I am trying to grasp the VPN as its a bit different from my old Linksys.

I see there is a VPN server and VPN client and this is where the confusion starts.

I have successfully setup VPN server and tested it on a laptop where I can use openvpn and connect to the router and then remote desktop to one desktop PC.

My understanding is however I have to setup port forwarding to my client using port 3389 which I have done and pointed to one of my PC's. But how do I connect to my other 2 desktops? Do I have to change the port forward each time I want to remote desktop to one of them?

I see there is the VPN client setup for openvpn, but I don't understand what it does or its purpose. My guess is I can create individual VPN tunnels for each of my 3 desktops to the router for improved security, but i'm not sure if I understand it correctly. I have read several blogs and help items on this topic, and some say to use VPN server and others say to use VPN client, but none of them clarify what the difference are for or when to use which under which circumstance.

I'm hoping someone can help explain the difference between the server/client VPN setup on the router and how to achieve my goal if possible of being able to remote desktop between any of my 3 desktop pc's without having to change the port forwarding.

thanks in advance.

 

[Zirescu]

Assuming that all three desktops are sitting behind the router you should be able to connect to the VPN server while away and access all of your devices on the network behind the router without any port forwarding.

The VPN client is often used to connect to another VPN service (Anonymous VPN provider for example). If you had two different networks that you wanted to link together over the internet you could use the VPN client to connect to the VPN server on the other network to link the two networks together.

 

[martinr]

You don't necessarily need to set up port forwarding. Setting up OpenVPN is far easier than you'd imagine, and reading up about it is not a good idea because you come away thinking there's lots to it, which may well have been true a while ago, but is not so now. I'd go so far as to say it's almost intuitive.

Once you have set up the OpenVPN tunnel from your remote location to the OpenVPN server(s) running on your home router, it will be as if you are back home on your network, so you'd type in the internal IP address of the device you wanted to access into whichever program you are using. One thing to note, which Merlin often points out, your home network must not have the same internal IP address range as the remote one eg 192.168.1.x, otherwise there could be confusion because of devices with identical addresses. Another thing Merlin warns about is that if you are using OpenVPN in Windows on the remote device, you must open it with admin privilges.

 

[Lloyd Cox]

thank you very much for the help. I removed the port forward and I am able to connect to all 3 desktops now.

 

[wocram]

A VPN Server on your router is used if you'd want to connect home from outside of your network from the internet.
A VPN Client is used to connect to a VPN Server.

As pointed out previously, generally the VPN Client on the router is used to connect to a VPN providing service to circumvent geographical restrictions or censored content.