VPN setup

[CyberMew]

I'm trying to create a vpn so that i can access my home network from outside.

The process is straight forward except that I would like user to access it with 2 config options: user/pass and autologin option. It seems that we can only do either but not both? How would I go about setting the settings so that it is correct?

Also, upon connection to the vpn, my client seems to be unable to resolve the name to ip address. For example \\tower won't do but \\192.168.1.xxx works. Is there a way to configure that as well so it auto resolves?

 

[Rankdropper84]

Maybe its just me but I don't really understand what your asking fully

 

[mattiL]

I'm trying to create a vpn so that i can access my home network from outside.

The process is straight forward except that I would like user to access it with 2 config options: user/pass and autologin option. It seems that we can only do either but not both? How would I go about setting the settings so that it is correct?

Also, upon connection to the vpn, my client seems to be unable to resolve the name to ip address. For example \\tower won't do but \\192.168.1.xxx works. Is there a way to configure that as well so it auto resolves?

I don't know much regarding the first question, but for the second part I believe netbios name resolution is used.

Here you have some information on netbios:
http://www.techrepublic.com/article/how-netbios-name-resolution-really-works/

Unfortunately I do not know how netbios is used in AsusWRT.

 

[mattiL]

It seems I was wrong, dnsmasq is used for local name resolution, see @RMerlin post:

http://www.snbforums.com/threads/dns-server-support-for-local-name-resolution.10561/

 

[CyberMew]

I'm not really a linux person but I can follow instructions. I've tried to search on the net but I'm afraid I might break stuff. How would I go about adding an entry to the dnsmasq so that it will resolve \\tower to xx.xxx.xx.xx? Do I simply just vi /tmp/etc/dnsmasq.conf and add a "server=/tower/192.168.1.xxx" at the end and then reboot the router? What if I need to add several other entries as well?

 

[Martineau]

I'm not really a linux person but I can follow instructions. I've tried to search on the net but I'm afraid I might break stuff. How would I go about adding an entry to the dnsmasq so that it will resolve \\tower to xx.xxx.xx.xx? Do I simply just vi /tmp/etc/dnsmasq.conf and add a "server=/tower/192.168.1.xxx" at the end and then reboot the router? What if I need to add several other entries as well?

Read https://github.com/RMerl/asuswrt-merlin/wiki

and follow the example to modify /jffs/configs/dnsmasq.conf.add with your modifications to dnsmasq see Customizing configuration files

 

[ColinTaylor]

Do I simply just vi /tmp/etc/dnsmasq.conf and add a "server=/tower/192.168.1.xxx" at the end and then reboot the router?

No. That server command does not do what you're thinking it does.

You have to understand what is going wrong before you can fix it.

Is your home network part of a domain or a workgroup? If it's a domain then you have to set up DNS on the clients/router properly. If it's a workgroup you either have to enable broadcast support across the VPN or setup a WINS server.

Alternatively, you could create reservations for all your clients within DHCP (LAN > DHCP Server > Manually Assigned IP around the DHCP list). That would avoid the whole NetBIOS/WINS issue.

 

[CyberMew]

I have already assigned an ip to the device. If I connect to my VPN (on the router page), it cannot resolves //tower to //192.168.1.specificip, so I need it to resolve. Perhaps this is not the way to do that?

So now I have enabled jfss, and I wanted to create the file, but I'm having some trouble
admin@RT-N66U-3BA8:/jffs# cd config
-sh: cd: can't cd to config
admin@RT-N66U-3BA8:/jffs# mkdir configs
mkdir: can't create directory 'configs': Read-only file system
admin@RT-N66U-3BA8:/jffs#
Any idea what's next?

 

[ColinTaylor]

What is your VPN client? A Windows PC?

If so, from the client's command prompt:

nslookup tower

What does it say?

 

[CyberMew]

I'm using iPhone so I can't run the command. I have no problems connecting to the internal ip directly via the app I'm using.

Any idea why the jfss config folder is not there? I cannot follow the tutorial anymore

 

[john9527]

I'm using iPhone so I can't run the command. I have no problems connecting to the internal ip directly via the app I'm using.

Any idea why the jfss config folder is not there? I cannot follow the tutorial anymore

It means the format didn't complete correctly....after enabling the option to format at next boot, reboot twice in a row without changing anything in between the reboots.

 

[ColinTaylor]

I'm using iPhone so I can't run the command. I have no problems connecting to the internal ip directly via the app I'm using.

Then you need to run something on the iPhone that tells you the IP address of the DNS server being used when you're connected to the VPN. I suspect it's wrong.

PS As I said before, putting a "server" parameter into your dnsmasq config file will NOT fix your problem.

-S, --local, --server=[/[<domain>]/[domain/]][<ipaddr>[#<port>][@<source-ip>|<interface>[#<port>]]

Specify IP address of upstream servers directly. Setting this flag does not suppress reading of /etc/resolv.conf, use -R to do that. If one or more optional domains are given, that server is used only for those domains and they are queried only using the specified server. This is intended for private nameservers: if you have a nameserver on your network which deals with names of the form xxx.internal.thekelleys.org.uk at 192.168.1.1 then giving the flag -S /internal.thekelleys.org.uk/192.168.1.1 will send all queries for internal machines to that nameserver, everything else will go to the servers in /etc/resolv.conf.​

 

[CyberMew]

It means the format didn't complete correctly....after enabling the option to format at next boot, reboot twice in a row without changing anything in between the reboots.

Thanks.

Then you need to run something on the iPhone that tells you the IP address of the DNS server being used when you're connected to the VPN. I suspect it's wrong.

PS As I said before, putting a "server" parameter into your dnsmasq config file will NOT fix your problem.

You're right

I fixed it by following this instruction instead http://www.snbforums.com/threads/openvpn-and-dnsmasq-hostnames.10168/