Posted: Wed Jul 28, 2021 20:05 Post subject: [SOLVED] Can't reach my home network public IP using OpenVPN
Hi guys! I am new here and to DD WRT in general, so would appreciate your help and patience.
I have R6700v3 flashed to DD WRT latest build 47090. I enabled and set up OpenVPN client to connect to Surfshark VPN service. I also enabled and setup OpenVPN server on DD WRT so that I could connect to network remotely.
Here is the problem: when I try connect from outside to my network public IP I get server timeout message and it won't connect and my public IP won't respond to ping. My DD WRT is plugged into ISP router and that one has correct 1194 UDP port open for forwarding. I am able to connect to OpenVPN server when I am on my another non DD WRT/non VPN router, which is also connected to ISP router. I also discovered, whenever I disable Open VPN client on DD WRT, boom, I am able to connect to my network via OpenVPN from outside. It seems that either it is a conflict between server and client on DD WRT or something else. Please help to solve this puzzle!
Last edited by ig007 on Thu Jul 29, 2021 11:35; edited 2 times in total
Excellent, now head over to the server setup guide.
Your setting are not optimal especially the data ciphers but for you the answer to your question is in the paragraph about running a client and server on the same router
Thank you! I just opened those pages and there is a lot to digest. Will manage that later today.
Found what I can optimize for server config and did apply PBR related settings as in guide. Worked like a charm! Thank you!!!
The only thing I am not happy about is the speed of connection. I am getting like ~300kb/s when copying file from server to my phone over 5G. I am getting ~35MBs D/U speed when connecting to outside via that DD WRT router with VPN client enabled. Seems like not a match. Is there a way to improve that?
Joined: 18 Mar 2014 Posts: 12837 Location: Netherlands
Posted: Thu Jul 29, 2021 7:03 Post subject:
Speed problems are always difficult.
When connecting with your phone to the VPN server and you are downloading to your phone we are talking about the basic upload speed of your internet connection so first of all what is the internet speed you have?
Of course the phone itself has to be able to have a decent download speed when on LTE so you have to check that too.
The router itself can do about 40 Mb/s running VPN of course if wifi is active and your VPN client on the router it will be a lot less but still better than what you see now (provided you have a decent upload connection)
Optimal settings are ChachaPoly for first data cipher but that will not make a huge difference.
Things to try when using UDP (which can be the fastests) make sure MTU setting on both side are 1400 (I saw you used 1500) see the MTU section in the troubleshooting guide.
When connecting with your phone to the VPN server and you are downloading to your phone we are talking about the basic upload speed of your internet connection so first of all what is the internet speed you have?
Of course the phone itself has to be able to have a decent download speed when on LTE so you have to check that too.
The router itself can do about 40 Mb/s running VPN of course if wifi is active and your VPN client on the router it will be a lot less but still better than what you see now (provided you have a decent upload connection)
Optimal settings are ChachaPoly for first data cipher but that will not make a huge difference.
Things to try when using UDP (which can be the fastests) make sure MTU setting on both side are 1400 (I saw you used 1500) see the MTU section in the troubleshooting guide.
If that does not help you can try TCP
On 5Ge network without VPN app I am getting 217Mb/s download and 20Mb/s upload. Naked internet speed on my home network without VPN client or server is D:300 U:340Mb/s. Then with VPN client enabled I get internet D:35 U:35Mb/s on my dd wrt router. And then as mentioned, when connecting from outside on 5Ge with speeds mentioned above, I only get D 300-600kb/s.
MTU number has been changed, as well as data ciphers on server. Not sure what can be done else. Will try TCP..