Posted: Fri Jun 02, 2017 5:29 Post subject: External access to NAS server through OpenVPN dd-wrt router
I acquired my new router a couple of days ago and finally got it up and running as a OpenVPN client. The connection to my VPN provider(Torguard) seems to work flawlessly, however I can't seem to connect to my NAS-server from outside my local network now. Previously I used the VPN capabilities of my NAS-server(DS216play), but it was a system hog and maxed out system ressources when I reached 50 Mbps, which is why I bought my new router(Linksys WRT-3200ACM). It is when I switch the default gateway of the NAS server from 192.168.1.4 to ...1.1 and disconnect the VPN connection on the NAS-server(to instead use the one setup on the dd wrt router), that I lose my ability to access the diskstation externally.
Problem and setup:
First of, here's a map of my network as of right now:
The dd-wrt router is set to gateway mode.
When I try to access the NAS-server remotely through a webbrowser I get a "Refused to connect" error, which looks like this:
I am very much a network rookie, meaning I have always setup my own home networks, but it hasn't really required anything other than rudimentary understanding of the topic. I am currently guessing that there's a problem between my modem/router, dd-wrt router and my NAS, where it doesn't point to my NAS server, when I try to connect to it from outside my LAN.
I just don't know what to do about the issue. Does anyone have an idea to what the problem might be?
I hope I added all the necessary information in my post, but if there's something I forgot, please feel free to ask
If you want to access your NAS server from outside, you need to setup an OpenVPN server on your router. When you are traveling, you need to have an OpenVPN client on the remote device. Once a secure tunnel is established between the remote device and the router, you can then access the NAS server using its IP address, the NAS server address and not the router address. As you can see PIA play no part at all or you don't need it for that purpose. It may be a good idea to turn off PIA client on the router as some people said that it may not work with both OpenVPN server and client on the same router.
Source based routing only requires a few commands:
ip rule add from [source IP]/[netmask] table 200
ip route add default via [gateway] dev [interface] table 200
ip route flush cache
The [source IP] should be whatever the IP of the machine is that you want to be routed differently, optionally with a [netmask] to specify a block of source addresses to route differently. The [gateway] should be the IP of the next router to send traffic to such as your VPN server or the gateway IP of your ISP. The [interface] should be whichever interface the traffic needs to be sent out to reach the alternative gateway such as tun0 for a VPN."
tried this based on an example:
ip rule add from 192.168.1.111/28 table 200
ip route add default via [vpn ip address I used in the openvpn configuration] dev tun0 table 200
ip route flush cache
but when I try it, I cannot connect to anything, even the config page and have to do a reset to recover.
Blue is the variables I changed
192.168.1.111 = nas