Asus Router OpenVPN Server cannot Access LAN

I am trying to set up an OpenVPN server on my Asus router so that I can access devices on my LAN when I am on the road, but I am unable to get it working properly. I am able to access my router's web UI at 192.168.1.1, but when I try to access anything else, I cannot do so.

Here are the settings that I have made on my router, but it still not working even though I have enabled the "Push LAN to clients" setting. I have tried turning the OpenVPN server off and back on to make sure that the setting apply, but even so, I am having no luck.

DaveTheMinion

Posted 2017-01-23T13:09:07.693

Reputation: 4 578

I think you've got this confused. This looks like it's setting up your router to connect to a OpenVPN server, and give that access to your lan clients. – djsmiley2k TMW – 2017-01-23T13:21:46.097

@djsmiley2k My router supports that but that's not what I'm doing. I can already access my VPN outside of my network, but I cannot access devices on my network via the VPN. I'm connected to my VPN right now while typing this. – DaveTheMinion – 2017-01-23T13:29:06.727

Has the VPN added routes for you? It should add routes for the local subnets on the other side. – djsmiley2k TMW – 2017-01-23T13:31:13.613

@djsmiley2k I do not know. The only thing I do know is that I can access my router's web UI and nothing else. – DaveTheMinion – 2017-01-23T13:35:36.750

And what Ip are you getting for that VPN? I see there VPN Subnet / Netmask of 10.8.0.0 but you mentioned your (internal) netwerk is 192.168.1.xx. I'm not really familiar with OpenVPN but what happens if you set Interface type from TUN to TAP (you should get a normal internal network IP then). – Rik – 2017-01-23T13:37:24.357

@Rik The IP that I am getting is 10.8.0.6. I have not tried changing from TUN to TAP because I want the VPN clients to have their own IP range. – DaveTheMinion – 2017-01-23T13:46:29.677

Maybe you can follow this guide: http://www.smallnetbuilder.com/other/security/security-howto/32538-setting-up-and-using-openvpn-on-asus-routers

– Rik – 2017-01-23T14:31:48.500

It seems that the issue lies not with my router's OpenVPN server, but rather, with the device that I am trying to access. For whatever reason, the device that I am trying to access appears to not work through the VPN presumably because it is blacklisting 192.168.1.1. I have not fixed it yet, but once I figure out how to force it to cooperate with 192.168.1.1, I imagine that my problem will be solved. – DaveTheMinion – 2017-01-23T18:39:45.213

Answers

I am very late to this party, but I recently solved this issue with the same router. Using your current VPN settings, all you need to do to is enable static routes in the LAN advanced settings section, on the Route subtab.

After which, you should be able to access other devices on your LAN. Restarting the OpenVPN server may be required.

Another option available to you is to switch the OpenVPN server to TAP mode, which will place you directly in your LAN, rather than create a new subnet that is pushed to your LAN. I had been using the TAP configuration previously, however, I've switched to TUN since android devices do not support TAP without being rooted. One side effect I've noticed in making the switch from TAP to TUN is that host name lookups no longer work, however, this isn't a deal breaker by any means since the devices I wish to access have static IPs.

jkurelek

Posted 2017-01-23T13:09:07.693

Reputation: 101

2Thanks for the explanation. I had forgotten to follow up on this question, but my issue could not actually be solved solely from the information that I had provided. In addition to the router-hosted OpenVPN server, I have a server on my network that is running its own instance of OpenVPN. It turns out that the issue that I was having had to do with identical subnets being used for both OpenVPN instances. Changing the subnet that the router operates on resolved the problem. – DaveTheMinion – 2018-01-18T18:17:20.597

just had the same problem while connecting router via OpenVPN. No LAN devices were available except router's UI. I solved it by letting LAN devices access to the internet. Because being paranoid I blocked internet access for all devices except my laptop.

Aonik

Posted 2017-01-23T13:09:07.693

Reputation: 1