Problems with DHCP with multiple ASUS routers w. OpenVPN

This forum is for general conversation and user-user networking.
Lilleneuhoffen
OpenVpn Newbie
Posts: 5
Joined: Sun Mar 12, 2017 12:50 pm

Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby Lilleneuhoffen » Sun Mar 12, 2017 12:59 pm

Hi,

I have a ASUS RT-AC3200 router running the buildt in OpenVPN server. Then, i have three friends with similar routers connected with the buildt in client system (connected with my AC3200's OPVN file).

The solution works well. No internet traffic routing - as we are only using this system to get access to our fileservers and UPNP devices.

Now, here is the problem;

My router (the VPN server) is 10.0.10.1 / 255.255.255.0 - my friends routers are 10.0.11.1, 10.0.12.1, and at last 10.0.13.1.
The network adapter in the server has got multiple IP's so we can find and connect to it.

Nothing unusual, it all works great. But here is the catch; sometimes if i, or any of the other guys connect a device to our WLAN (or LAN) - we sometimes get IP's from another router (example: i connect my iphone to my wlan, where the ip should be 10.0.10.X - but suddenly i get 10.0.12.X) - a ip from my mates router.

I have tried and failed multiple times now.. and googled my way around the issue, with no luck.
Does anyone in here have a solution for our problem? We would much appreciate the help.

/Hans

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2442
Joined: Fri Jun 03, 2016 1:17 pm

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby TinCanTech » Sun Mar 12, 2017 11:47 pm

Lilleneuhoffen wrote:sometimes if i, or any of the other guys connect a device to our WLAN (or LAN) - we sometimes get IP's from another router (example: i connect my iphone to my wlan, where the ip should be 10.0.10.X - but suddenly i get 10.0.12.X) - a ip from my mates router
You must be running with --dev tap ..

Lilleneuhoffen
OpenVpn Newbie
Posts: 5
Joined: Sun Mar 12, 2017 12:50 pm

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby Lilleneuhoffen » Wed Mar 29, 2017 7:46 pm

Thank you for your reply,

I have selected TAP as "Interface type" - is this enough?
Or do i (or the clients connecting?) have to add: --dev tap in the config below also?

See attached image.

Image

Lilleneuhoffen
OpenVpn Newbie
Posts: 5
Joined: Sun Mar 12, 2017 12:50 pm

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby Lilleneuhoffen » Thu Mar 30, 2017 9:16 am

TinCanTech wrote:You must be running with --dev tap ..

Does not seem like this solution works either..

TiTex
OpenVPN Expert
Posts: 206
Joined: Tue Apr 12, 2011 6:22 am

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby TiTex » Thu Mar 30, 2017 11:12 am

He was saying above that you were using "TAP" adapter which forwards layer 2 broadcasts (DHCP requests) between your vpn clients.
So you should definitely use TUN adapter for routing, that alone should stop the broadcasts from your network to your vpn clients network, if not ... then something else is going on.
Using 'TUN' adapter , Allocate from DHCP option should also be disabled, i have no idea how did it work if it was already with TUN

Lilleneuhoffen
OpenVpn Newbie
Posts: 5
Joined: Sun Mar 12, 2017 12:50 pm

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby Lilleneuhoffen » Tue Apr 04, 2017 6:24 am

TiTex wrote:He was saying above that you were using "TAP" adapter which forwards layer 2 broadcasts (DHCP requests) between your vpn clients.
So you should definitely use TUN adapter for routing, that alone should stop the broadcasts from your network to your vpn clients network, if not ... then something else is going on.
Using 'TUN' adapter , Allocate from DHCP option should also be disabled, i have no idea how did it work if it was already with TUN


Thank you for your answer mate :)

Well, we sort of got the VPN to work with TUN and "Allocate from DHCP" to Disabled.

However..

Now the VPN Server pushes 10.0.13.X to our routers - and while we manage to ping the media server (a Windows 2012R2 w/Kodi Media Server) - we cant see it on our own local networks. While i can ping its original LAN adress (10.0.10.151) - i cant find it in my friends routers even as after we have added multiple IP's to the ethernet adapter.

The servers main adress is 10.0.10.151 (Static). On my friends networks, it should be 10.0.11.151, and 10.0.12.151 - as we have mapped these adresses in the ethernet adapter in Windows Server. Subnet all over is 255.255.255.0

This solution worked perfectly when running with TAP. And we would like to make this work with TUN also, as this has removed the problems with DHCP servers forcing and pushing ip's all over the place.

Is there any way that i can get the server to be found by the connected routers (OpenVPN Clients) on their respective LAN's? Would a solution be to connect to the server via the OpenVPN software directly on the server?

I appreciate all the feedback i get from you guys. VPN is fun, and we learn something new every day :)

TiTex
OpenVPN Expert
Posts: 206
Joined: Tue Apr 12, 2011 6:22 am

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby TiTex » Tue Apr 04, 2017 11:57 am

the easiest way i can think of right now is installing a WINS server in one location or all of them and add the hosts manually in the database configure your routers to hand out WINS server IP to clients via DHCP , that could work but never tried it or tested

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2442
Joined: Fri Jun 03, 2016 1:17 pm

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby TinCanTech » Tue Apr 04, 2017 12:33 pm

Lilleneuhoffen wrote:This solution worked perfectly when running with TAP. And we would like to make this work with TUN
Determining whether to use a routed or bridged VPN

In short: You must understand the difference between TAP vs TUN and then understand that not all applications (Windows networking especially) do not work over TUN. In order to make them work over TUN more application support is required, which may be WINS or could be something else. All of which is basically beyond the scope of this forum ..

Lilleneuhoffen
OpenVpn Newbie
Posts: 5
Joined: Sun Mar 12, 2017 12:50 pm

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby Lilleneuhoffen » Thu Apr 06, 2017 7:26 am

Well, we went back to TAP. In short; we gave the standard devices static ip's in our routers, and will look for a solution to the problem with different dhcp servers pushing ip's around the network.

Is there any way you can block the ports for the DHCP server in the OpenVPN config?

TiTex
OpenVPN Expert
Posts: 206
Joined: Tue Apr 12, 2011 6:22 am

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby TiTex » Thu Apr 06, 2017 10:18 am

no you can't , but you should be able to block ports from your router
i see there is a "Firewall" drop-down menu on the vpn config page , and check if you can set dhcp server configurations maybe that can solve your issue.
https://en.wikipedia.org/wiki/Dynamic_H ... #Operation

User avatar
TinCanTech
OpenVPN Protagonist
Posts: 2442
Joined: Fri Jun 03, 2016 1:17 pm

Re: Problems with DHCP with multiple ASUS routers w. OpenVPN

Postby TinCanTech » Thu Apr 06, 2017 11:52 am

Although I do not know how your router configures TAP mode, openvpn normally configures
--dev tap with --server-bridge .. and so the VPN subnet is that of the real LAN.

If done as such, it would make no difference from where the DHCP address is acquired
because all the routers would be using the same subnet.


Return to “Off Topic, Related”

Who is online

Users browsing this forum: No registered users and 2 guests