OpenVPN Support Forum

Hi,

I'm using OpenVPN on iOS 9 with no problem while on 3G or 4G. By using I mean I connect to my Raspberry at home to connect to my computers via SSH or RDP on the LAN.

The problem comes with WiFi.

When I connect my iPhone on a WiFi router (at friends, hotels, etc.) I can connect to the VPN gateway but when I launch my RDP request to a private IP (192.168...) it doesn't work. I guess the reason is because my iPhone sends the request over the local LAN and not the remote LAN (mine).

However, note that when using Safari in that context I am well seen as using my remote connection. So it does seem to only concern requests to private IPs which are in both LANs (host and remote ones).

Any idea about how I can solve this?

Ozwel wrote:When I connect my iPhone on a WiFi router (at friends, hotels, etc.) I can connect to the VPN gateway but when I launch my RDP request to a private IP (192.168...) it doesn't work. <..s..>

Any idea about how I can solve this?

What IP is your home LAN ?

It's the same as the one I'm connected to via wifi: 192.168.0.0/24. Hence the conflict.

The point is that I can't choose the ip class of the wifi network I'm connected to. I could change my home ip to a class B or A but airport are often using class A and hotels class B. Isn't there a way to make sure all the requests to any IP is going to the tunnel?

See RFC1918 for a suitable network.

Thanks for the link but I don't see how it can help: I don't want to change anything about my home LAN. It is using a 192.168.0.0/24 based network and all I want is my remote device to be teleported in it.

OpenVPN gives my iPhone a 10.0.0.0 ip by default in my home network, the traffic is redirected to the 192.168.0.0 network by an iptable rule and I don't want my iPhone to use any other network than my home network while connected to the VPN.

Or maybe I've missed a part in the Wikipedia page you sent me which would help but it is not obvious for me.

Change your home network or endure routing conflicts .. it is up to you.

Alright so there is no workaround

Thanks for answering my questions

The only viable Openvpn solution --client-nat but that is way more painful !