Linksys E1700 OpenVPN Client Config (to Netgear X6 R8000)

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Ralink SoC based Hardware
Author Message
sunnyd24
DD-WRT Novice


Joined: 30 Sep 2010
Posts: 4

PostPosted: Tue May 07, 2019 17:14    Post subject: Linksys E1700 OpenVPN Client Config (to Netgear X6 R8000) Reply with quote
Hi,

Can anyone help with a OpenVPN client connection on the Linksys E1700 (running DD-WRT v3.0-r37305)?

I would like to connect to an OpenVPN service (running on a Netgear X6 R8000 Nighthawk router with stock firmware) and retrieve an IP address on the remote subnet mask (e.g. 192.168.0.x), if possible.

When using an OpenVPN client on a Windows PC, I can successfully retrieve an internal IP address (192.168.0.24) and access the local network (pings to R8000 router work on 192.168.0.1).

On the E1700, I currently have a "CONNECTED SUCCESS" status in OpenVPN Status but I can't get the client to provide a useful IP address. The local address and remote address varies but is normally "192.168.254.2" or "192.168.254.3" or "192.168.254.4" (cannot ping R8000 router work on 192.168.0.1).

The OpenVPN Client has the following settings:

Server IP/Name: xxxxx.xxxxxxxxx.com
Port: 12973
Tunnel Device: TUN
Tunnel Protocol: UDP
Encryption Cipher: AES-128 CBC
Hash Algorithm: None
User Pass Authentication: Disable
Advanced Options: Enable
LZO Compression: Adaptive
NAT: Enable
Firewall Protection: Enable
IP Address: "blank"
Subnet Mask: "blank"
Tunnel MTU setting: 1500
Tunnel UDP Fragment: "blank"
Tunnel UDP MSS-Fix: Disable
nsCertType verification: "unchecked"
CA cert: as per file
Public Client Cert: as per file
Private Client Key: as per file
Additional Config:
resolv-retry infinite
nobind
persist-key
persist-tun


Please can someone review the setting above and advise if I am missing something? I would like to communicate with the remote VPN local network (192.168.0.x)?

Thanks.

Kind regards,
Sunny
Sponsor
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8021

PostPosted: Fri May 24, 2019 0:37    Post subject: Reply with quote
When using a routed (tun) OpenVPN configuration, the OpenVPN client will *always* be assigned an IP address on the tunnel's IP network, NOT the remote network behind the OpenVPN server. Doesn't matter if the OpenVPN client is the router or a Windows PC. In order to be assigned an IP on the remote network behind the OpenVPN server, the OpenVPN client and server would have to be using a bridged (tap) configuration.

Since I can't see the OpenVPN server config, I can only assume the tunnel's network is using 192.168.254.0 255.255.255.0, given the reported range of assigned IPs.

Normally the OpenVPN server should "push" its own network to the OpenVPN client if it expects that client to route traffic for that network over the tunnel.

Code:
push "route 192.168.0.0 255.255.255.0"


Or else, if the OpenVPN server is configured to change the OpenVPN client's default gateway by pushing the following directive to that client …

Code:
push "redirect-gateway def1"


… then the client will eventually locate the 192.168.0.0/24 network on the other side of the tunnel once it realizes is doesn't have any local routing information for that network.

Again, without being able to see the OpenVPN server config, I'm left to speculate what's happening on the server side of this config.

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Ralink SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum