Help - Bi-Directional VPN using two Asus Routers in TUN mode

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
masterjx9
OpenVpn Newbie
Posts: 4
Joined: Sun Nov 10, 2019 5:37 pm

Help - Bi-Directional VPN using two Asus Routers in TUN mode

Post by masterjx9 » Sun Nov 10, 2019 7:44 pm

Problem - I can't access resources from the client to server or server to client. It says connected on the server but I am getting no access. I can confirm that a pihole device that I have works from the server network to the client network but I can't access the web interface or ping any devices from any location.

Information -
Server router - RT-N66W
Stock firmware
192.168.3.x
Image

Client router RT-AC68U
Asus Merlin
192.168.2.x
Image


What I have tried -
1. server router> vpn>advanced settings for OpenVPN>Manage Client-Specific Options (enabled) & client-client traffice (enabled) - Failed - It allowed me to ping the server network from the client router but only from the Network tools in the client router. I still can't ping any devices from the computer that is connected to the client network.

2. server router> vpn>advanced settings for OpenVPN>Custom Configuration>added a line of code [oconf=]route "192.168.2.0 255.255.255.0"[/oconf] and added [oconf=]push "route 192.168.2.0 255.255.255.0"[/oconf] - failed - still couldn't ping out from the computer on the client network.

3. Tried using the openvpn file that I got from the server router and using that on my android phone. - It works and I am able to access files from the server router network. (I am able to access the files from the computers that are connected to the server router through my android phone is I use the same openvpn file)
Image

4. Tried using the open file that I got from the server router and used that on a laptop that was on the client network directly instead of the client router. - It works, I am able to ping and use RDP.
Image

5. Ensured that both router's firewalls are down (atleast till I get this working)


More picture information that could help with context:
Image
Logs from client router
Image

What I have learned from testing - I can't specifically get any client computers on the client network to ping or access any client computers on the server network. However if I use the openvpn file directly on a device (client to server instead of server to server Tun type) like a phone or computer it will work.





Links I have looked at to try and help me but nothing has worked:
https://www.snbforums.com/threads/ultim ... ode.54868/
https://openvpn.net/community-resources ... er-subnet/


Any ideas or testing I can do to get this up?

masterjx9
OpenVpn Newbie
Posts: 4
Joined: Sun Nov 10, 2019 5:37 pm

Re: Help - Bi-Directional VPN using two Asus Routers in TUN mode

Post by masterjx9 » Sun Nov 10, 2019 11:49 pm

I was able to solve my issue

How I fixed it -

I reread through the Guide on setting up bi-directional vpn using two asus routers from here https://www.snbforums.com/threads/ultim ... ode.54868/ and decided to recreate my server configuration like his. It was a little hard to follow in step 17 and 19 since the GUI was missing some of the options that were in the guide (such as HMAC Authentication, and RSA Encryption) but in step 19, you can make sure that is in the configuration file by reviewing the .opvn and making sure you have the same lines of configuration that the guide has in step 19.

I also went into my hotspot's web portal (my client router is being ran off a tmobile usb hotspot modem) and changed the gateway IP to 192.168.5.1 since it was naturally set to 192.168.1.1. I don't think that did anything since I was using a 192.168.3.x network on my server network side and 192.168.2.x on my client network side but I didn't want to take any chances since I didn't know what else to do.

After I did that, and re imported my .opvn file into the client router, it worked.

I can now rdp, and access my pihole web portal from my client network.


Thank you for letting me using this to write out my testing work.

Post Reply