Asus RT-AC68U Config

[te2k]

Hi All, I am able to connect to my OpenVPN server on my Asus RT-AC68U router however unable to connect / ping any of my devices on my LAN. My network settings are as below:

WAN IP with 210.x.x.x
LAN IP = 192.168.1.1
LAN Devices IP in the 192.168.1.xxx range
VPN Server Settings as follows:
Interface Type: TUN
Protocol: UDP
Server Port: 443
Respond to DNS: Yes
Advertise DNS to Clients: Yes
Encryption Cipher: AES-256-CBC
HMAC Authentication: SHA 1
Compression: Adaptive
Authorization Mode: TLS
Username / Password Auth. Only: Yes
RSA Encryption: 1024 bit
Extra HMAC Authorization: Disable
VPN Subnet/Netmask: 10.8.0.0 / 255.255.255.0
Push LAN to Clients: Yes
Direct Clients to Redirect Internet Traffic: No
TLS Renegotiation Time: -1
Manage Client-Specific Options: No

I export the above configuration file and import on OpenVPN connect on my iPhone. Once connected, I am able to ping my LAN IP but nothing else on the LAN. I have also check with whatsmyip.com, when I am connected to wifi, my IP is the same as my WAN IP. However when connected to 4G and OpenVPN, my ip is still the same as when it was solely on 4G without VPN connection. I am guessing this might be the problem?

Also I have the OpenVPN log from the iphone below:
Open VPN Start
OpenVPN core 3.2 ios arm64 64-bit PT_PROXY
Frame = 512/2048/512 mssfix-ctrl=1250
UNUSED OPTIONS
2 [nobind]
5 [sndbuf] [0]
6 [rcvbuf] [0]
EVENT : RESOLVE
Contacting [210.x.x.x]:443/UDP via UDP
EVENT : WAIT
Connecting to [vpn.asuscomm.com]:443 (210.x.x.x) via UDPv4
EVENT: CONNECTING
Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,protoUDPv4,comp-lz0,cipher AES-256-CBC,authSHA1,keysize 256,key-method 2,tls-client
Creds: Username/Password
Peer Info: IV_GUI_VER=net.openvpn.connect.ios 3.0.1-770
IV_VER=3.2
IV_PLAT=ios
IV_NVP=2
IV_TCPNL=1
IV_PRONTO=2
IV_LZO=1

VERIFY OK: depth=0
Cert.version: 3
Serial number: 01
Issuer name: C=TW, ST=TW, L= Taipei,O=ASUS,CN=RT-AC68U
emailAddress=me@myhost.mydomain
subject name: C=TW,ST=TW,L=Taipei,O=ASUS,CN=RT-AC68U,
emailAddress=me@myhost.mydomain
issued on: 2018-09-15
expires on: 2028-09-12
signed using: RSA with SHA1
RSA kev size: 1024 bits
Basic constraints: CA=false
Cert.type: SSL Server
Key usage: Digital Signature, Key Encipherment
Ext key usage: TLS Web Server Authentication
SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
Session is ACTIVE
EVENT: GET_CONFIG
Sending PUSH_REQUEST to server…..
OPTIONS:
0 [route] [192.168.1.0] [255.2555.255.0][vpn_gateway][500]
1 [dhcp-option][DNS][192.168.1.1]
2[route][10.8.0.0][255.255.255.0]
3[topology][net30]
4[ping][15]
5[ping-restart][60]
6[ifconfig][10.8.0.6][10.8.0.5]
PROTOCOL OPTIONS:
Cipher: AES-256-CBC
Digest: SHA1
Compress: LZO
Peer ID: -1
EVENT: ASSIGN_IP
NIP: preparing TUN network settings
NIP: init TUN network settings with endpoint: 210.x.x.x
NIP: adding IPv4 address to network settings 10.8.0.6/255.255.255.252
NIP: adding(included)IPv4 route 10.8.0.4/30
NIP: adding(included) IPv4 route 192.168.1.0/24
NIP: adding(included) IPv4 route 10.8.0.0/24
NIP: adding DNS 192.168.1.1
NIP: adding match domain ALL
NIP: adding DNS specific routes:
NIP: adding(included) IPv4 route 192.168.1.1/32
Connected via NetworkExtentionTUN
LZO-ASYM init swap=0 asym=0
EVENT:CONNECTED username@vpn.asuscomm.com:443 (210.8.240.122) via /UDPv4 on NetworkExtensionTUN/10.8.0.6/ gw=[/]

In router routing table I have the following information:
Destination Gateway Genmask Flags Metric Ref Use Type Iface
10.8.0.2 * 255.255.255.255 UH 0 0 0 tun21
210.8.240.121 * 255.255.255.255 UH 0 0 0 WAN0 eth0
210.8.240.120 * 255.255.255.252 U 0 0 0 WAN0 eth0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun21
192.168.1.0 * 255.255.255.0 U 0 0 0 LAN br0
default 210.8.240.121 0.0.0.0 UG 0 0 0 WAN0 eth0

Any help would be greatly appreciated.

[GraemeEvans]

Did you manage to solve this? If so, how did you do it?

I am using the ASUS DSL-AC68U (with a 1Gb fibre connection to the Internet) and am stuck with exactly the same problem.
My laptop (Win 10 Pro, with "OpenVPN-install-2.4.8-1602-Win10.exe" installed, and connected to the Internet through my phone) can connect to the ASUS router, and ping it both on the VPN subnet (192.168.60.1) and on the LAN subnet (192.168.50.1). The router also shows the notebook as having connected in its browser interface.

However, the notebook cannot see (or even ping) any other device on the LAN. (The one I primarily want to access is my desktop computer, which has a fixed/static IP of 192.168.50.21. I ultimately want to RDP into this, and also upload/download files remotely.) When the notebook is connected directly to the LAN, it can ping my desktop (and drive it using Windows Remote DeskTop) - no trouble.

Has anyone else got any suggestions where to look next? (I suspect that "te2k" has given up on the OpenVPN forum, as he/she did not get a single reply to the his/her post back in Sep 2018.)

[syoung1999]

So I setup the OpenVPN server on my RT-AC68U yesterday (Sept 20, 2021) and thought that I was running into the same issues where you can not ping local machines after connecting to the OpenVPN server in the router. My issue was config and seems to be working just fine now. FYI, Firmware Version:3.0.0.4.386_41634.
Hope others can get this working as well.

[Untitled8]

So I setup the OpenVPN server on my RT-AC68U yesterday (Sept 20, 2021) and thought that I was running into the same issues where you can not ping local machines after connecting to the OpenVPN server in the router. My issue was config and seems to be working just fine now. FYI, Firmware Version:3.0.0.4.386_41634.
Hope others can get this working as well.

Hi there, I also have an RT-AC680U that I am trying to set up an OpenVpn connection on. I have NordVPN and the connection is failing due to my firmware
Version:3.0.0.4.384_45149 not supporting Nord OpenVPN v2.4. I'm curious what VPN you use and did you encounter any connection issues?