Page 1 of 1

OpenVpn on routers does not work properly

Posted: Sun Feb 14, 2016 5:39 pm
by tovis
Hi ever one! I'm need help with my configuration.
I have spent a lot of time to get working openvpn on two identical routers WR1043ND.
The goal is to have two sites (LAN) connect to each other. What I have now you can see at http://pastebin.com/dRsipvqQ
As I wrote there I can not access sites, even routers are connected as half way?
Any help will be highly appreciated.

Re: OpenVpn on routers does not work properly

Posted: Thu Feb 18, 2016 9:08 pm
by tovis
After struggling on openvpn documentation on openwrt website, I was managed to setup client - ping server side equipment.
Now I'm stuck on server side. Here I can not ping client side equipment even from server router running openvpn.

Re: OpenVpn on routers does not work properly

Posted: Thu Feb 18, 2016 9:10 pm
by Traffic
Why did you post in "Braggin; Rights" .. when you clearly have nothing to brag about ?

Re: OpenVpn on routers does not work properly

Posted: Fri Feb 19, 2016 6:04 pm
by tovis
Sorry! It's my pure English vocabulary :)
I will looking for better place for this.

Re: OpenVpn on routers does not work properly

Posted: Fri Feb 19, 2016 6:09 pm
by Traffic
Post a new thread here:
configuration-f6.html

Please see the Forum rules (top of that page)

Please post the details to this forum not pastebin etc.

Re: OpenVpn on routers does not work properly

Posted: Fri Aug 03, 2018 3:16 pm
by MikeRobinson
Also – the traceroute command is your bestest friend. In particular, watch for "rows of asterisks," which means that a return route does not exist at a particular hop. (The traffic knows how to get there, but the echo reply doesn't know how to get home.)

"Static routes" are a fundamental part of getting this to work correctly, and don't forget that you must also account for the 10.80.0.x virtual address range that is used by OpenVPN itself. The computers on both sides must know about the other side, and(!) OpenVPN's own virtual address range, and must know to send both to their respective OpenVPN servers "as a gateway."

The OpenVPN server machines also need to have a predictable IP-address doled out to them by DHCP when they come on-lne to the local network, since you must mention these IPs in your static routes.

Both of these things are done in the configuration screens of each home's router.

Once you get the two OpenVPNs to connect to one another, the rest is "routine TCP/IP routing head-banging," because OpenVPN acts as a secure virtual router (or switch). traceroute helps you see what's going wrong, and where. Routing (with or without OpenVPN) is: "a hobbit's journey" –– There and Back Again.