Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Windows 10 issue with OpenVPN server

Discussion in 'Asuswrt-Merlin' started by Fitz Mutch, Oct 9, 2017.

  1. Fitz Mutch

    Fitz Mutch Senior Member

    Joined:
    May 27, 2016
    Messages:
    381
    Location:
    Portsmouth
    My Windows 10 laptop connects to the VPN, but it cannot access the remote network. When I change the LAN metric to 100 for the push route, it works! Router is RT-AC68U running Asuswrt-Merlin 380.68_4. Here's my fix:

    /jffs/scripts/openvpnserver1.postconf
    Code:
    #!/bin/sh
    
    push_lan_metric=100
    /bin/sed -r -i 's/(^push .* vpn_gateway ).*(")/\1'${push_lan_metric}'\2/' "$1"
    
    
     
    Last edited: Oct 12, 2017
    martinr likes this.
  2. unsynaps

    unsynaps Regular Contributor

    Joined:
    Nov 9, 2014
    Messages:
    99
    Location:
    Baltimore, MD
    Odd. Never had this issue and I have been using the VPN from two Win10 machines a lot lately.
     
  3. Fitz Mutch

    Fitz Mutch Senior Member

    Joined:
    May 27, 2016
    Messages:
    381
    Location:
    Portsmouth
    It's only an issue when the private LAN address range (i.e. 192.168.1.0/24) is the same for both local and remote networks.
     
  4. martinr

    martinr Very Senior Member

    Joined:
    Nov 27, 2014
    Messages:
    1,030
    Location:
    United Kingdom
    Out of interest, then, what would happen, say, when not only the address range matches but the IP address does, too, eg you attempt to contact a remote device at 192.168.1.5, and there is also a device on the local network with IP address 192.168.1.5?

    (Like me, I expect most people choose their home address range such that it is unlikely ever to clash with that of any remote network they might log onto and from which they intend to connect to their remote, home VPN server.)
     
    Last edited: Oct 12, 2017
  5. Fitz Mutch

    Fitz Mutch Senior Member

    Joined:
    May 27, 2016
    Messages:
    381
    Location:
    Portsmouth
    Have a look at your IPv4 Route Table in Windows. Type 'route print'.

    When my Windows laptop is connected to the router VPN, I think Windows assumes there is two different routes to the same destination network 192.168.1.0/24. So it uses the LAN metric to decide which route to take having the least cost.

    If my push route for OpenVPN server is:
    Code:
    push "route 192.168.1.0 255.255.255.0 vpn_gateway 500"  
    
    Then my IPv4 Route Table in Windows has these lines:
    Code:
    Network Destination        Netmask          Gateway       Interface  Metric  
    192.168.1.0                255.255.255.0    On-link   192.168.1.185     266  
    192.168.1.0                255.255.255.0    On-link        10.8.0.2     500  
    
    This confuse Windows and prevent me from accessing the remote network.

    My tweak fix the problem:
    Code:
    Network Destination        Netmask          Gateway       Interface  Metric  
    192.168.1.0                255.255.255.0    On-link        10.8.0.2     100  
    192.168.1.0                255.255.255.0    On-link   192.168.1.185     266  
    

    Yes, that's how to avoid this issue.
     
    Last edited: Oct 12, 2017
  6. martinr

    martinr Very Senior Member

    Joined:
    Nov 27, 2014
    Messages:
    1,030
    Location:
    United Kingdom
    Many thanks for the explanation, Fitz.
     
    Fitz Mutch likes this.
  7. unsynaps

    unsynaps Regular Contributor

    Joined:
    Nov 9, 2014
    Messages:
    99
    Location:
    Baltimore, MD
    Ahhh. OK. Yeah. Private on home network is 192.168. Work is 10.10.

    What exactly is that sed command doing though?

    EDIT: seems to be the same thing that https://github.com/RMerl/asuswrt-merlin/wiki/Custom-config-files explains.
     
    Last edited: Oct 12, 2017

Share This Page