Posted: Mon Nov 05, 2018 11:09 Post subject: No internet access on VPN
Hi,
I'm trying to set up a VPN server on my router at home. The client and server connect successfully, but there is no internet access with the client-side error
Quote:
"Could not determine this computer's apparent public IP address before the connection was completed"
I'm pretty sure this is something to do with Additional Config in DD-WRT's OpenVPN settings. My configs are below, if anyone has advice on solving this problem, I would be very grateful.
I set the network to be 11.8.0.0 as I could successfully ping 10.8.0.0 before I had even connected with my VPN. Pinging 11.8.0.0 didn't have that problem, so I chose that instead. Should I set it back to be 10.8.0.0 anyway?
My Router's subnet is 192.168.1.0, the VPN's is 11.8.0.0 right now, and my client subnet is 192.168.1.0 as well.
I did what your notes said for adding the NAT rule to my router's firewall, changed the VPN subnet to 10.8.0.0 and enabled "redirect default gateway" – it finally works!!
My home internet is 70/20 and my client speeds are 100/100, is this speed normal for a VPN setup like this?
Thank you so much for your help!
EDIT
Apologies for the inevitably stupid questions, but can I view other connected devices on my home network including a samba file system with my setup, and if so how?
Joined: 18 Mar 2014 Posts: 12881 Location: Netherlands
Posted: Mon Nov 05, 2018 12:41 Post subject:
Your VPN should be on a private subnet (192.168.x.x., 172.16.x.x or 10.x.x.x) so choose something beginning with 10 i.e. 10.9.0.0 is fine.
It will not work reliably if your Routers subnet and the Clients subnet are the same.
As 192.168.1.0 is often used, you should set your routers IP at something else i.e. 192.168.33.1 /255.255.255.0
When that is set you can access every client on your routers subnet by their IP addresses.
If the SAMBA share is on your router you can open explorer and type \\192.16.33.1 to access your SAMBA share (if router is set on 192.168.33.1)
Edit: you should push the route to the router:
push "route 192.168.33.1 255.255.255.0"
Again, doing as you said worked as you said it would. Thank you so much!
Everything is now configured as I would like it to be, the only thing that's a little annoying is the network speed. If you had any thoughts on that, I'd be an extremely lucky internetter. Otherwise, thank you for all the help, I got more done on this today than I thought I would..!
Last edited by d0mini on Mon Nov 05, 2018 16:29; edited 1 time in total
Yeah, I had a go at changing the encryption to be AES128 and SHA1, but the performance was still the same.
I'm thinking it's either something to do with my specific version of DD-WRT, or (complete guess) something to do with my current network. That would be in spite of my current network having better internet than my home one. :/
It took me a little while, but after much reading my highly developed brain finally realised that client download speed is entirely dependent on server upload speed (I'm very smart by the way), and seeing as I'd limited uploads to 3mbit/s, it makes sense my VPN download speed was 2.7mbit/s.
What I don't really understand is why this behaviour wasn't consistent, as I got ~30mbit/s download when at home (where the server is) and on VPN. Aside from that, mystery solved, thank you everyone for your time.
