Posted: Thu Jun 20, 2019 19:28 Post subject: Running OpenVPN Client on AP doesnt seem to work
So I've got 3 routers all running dd-wrt, 1 is the main router (connected to modem), 2 are access points connected to the main router by ethernet..
Im trying to configure one of the APs to run a OpenVPN client, which seems to work fine, no problems in the log, remote IP (showing in log) seems to be at the remote site, however when I connect to that AP (either wireless or hardwired) it doesnt seem to use the VPN connection; IP is my normal WAN IP and any internet traffic seems to run as per normal..
Is the above supposed to work? Can you set up 1 of the APs to run OpenVPN and run any traffic through that router (wifi or ethernet) over VPN?
I have not done any other configure/tweaks than setting up the OpenVPN Client config.
Thanks for you help, that makes sense.. But I have tried setting the gateway on my mobile's wifi connection, but it doesnt seem to work. internet works fine though (only not going over vpn)
Worth noting that my LAN IP is 192.168.0.3, but the Local Address for the VPN connection is: 10.74.x.x
A follow up question:
Should I be able to configure the DHCP server on the main router to set the gateway for a particular IP (I cant see such settings)? or do I need to configure the one on the AP (which is currently disabled).
Joined: 18 Mar 2014 Posts: 12889 Location: Netherlands
Posted: Fri Jun 21, 2019 8:56 Post subject:
Some points to consider when setting up a VPN client on a WAP (https://wiki.dd-wrt.com/wiki/index.php/Wireless_access_point) be sure to disable DHCP and set Gateway and local DNS to primary router.
If I remember correctly for a VPN client on a WAP you need a different NAT rule:
Thanks for you help, that makes sense.. But I have tried setting the gateway on my mobile's wifi connection, but it doesnt seem to work. internet works fine though (only not going over vpn)
Worth noting that my LAN IP is 192.168.0.3, but the Local Address for the VPN connection is: 10.74.x.x
Go to a shell (telnet/ssh) on the AP and verify that the following returns the VPN's public IP and NOT the ISP's public IP.
Code:
wget -qO - http://ipinfo.io/ip
Thanks for the detailed response. I will have a look at the DHCP Server side of things when I get a minute.
The command above confirms the AP's IP is the VPN one, and I did manage to get VPN working by changing the Gateway on my Apple TV this morning - so your changes appear to work fine.
I will have a further play to see how best set things up.
I did attempt to follow a wiki article about setting up a Virtual AP using the VPN - that way I can just connect to "Wifi-NoVPN" if I want WAN access, and "Wifi-VPN" if I want to go over VPN.. That didnt go too well, but I will pick up where I left off and perhaps ask some questions a bit later.
I have set up an unbridged VAP as suggested by @egc and that seems to work fine.
Quick question.. With an unbridged VAP, is it hard work to get access to the LAN (files on NAS)? Or will I need to set up a bridged VAP and go that route?
Joined: 18 Mar 2014 Posts: 12889 Location: Netherlands
Posted: Fri Jun 21, 2019 16:02 Post subject:
scope2 wrote:
I have set up an unbridged VAP as suggested by @egc and that seems to work fine.
Quick question.. With an unbridged VAP, is it hard work to get access to the LAN (files on NAS)? Or will I need to set up a bridged VAP and go that route?
You now have internet access via your VPN but normally (and to get access to the rest of your network) you have to add the following rule: