Posted: Tue May 07, 2019 17:14 Post subject: Linksys E1700 OpenVPN Client Config (to Netgear X6 R8000)
Hi,
Can anyone help with an OpenVPN client connection on the Linksys E1700 (running DD-WRT v3.0-r37305)?
I would like to connect to an OpenVPN service (running on a Netgear X6 R8000 Nighthawk router with stock firmware) and retrieve an IP address on the remote subnet mask (e.g. 192.168.0.x), if possible.
When using an OpenVPN client on a Windows PC, I can successfully retrieve an internal IP address (192.168.0.24) and access the local network (pings to R8000 router work on 192.168.0.1).
On the E1700, I currently have a "CONNECTED SUCCESS" status in OpenVPN Status but I can't get the client to provide a useful IP address. The local address and remote address vary but are normally "192.168.254.2" or "192.168.254.3" or "192.168.254.4" (cannot ping the R8000 router on 192.168.0.1).
The OpenVPN Client has the following settings:
Server IP/Name: xxxxx.xxxxxxxxx.com
Port: 12973
Tunnel Device: TUN
Tunnel Protocol: UDP
Encryption Cipher: AES-128 CBC
Hash Algorithm: None
User Pass Authentication: Disable
Advanced Options: Enable
LZO Compression: Adaptive
NAT: Enable
Firewall Protection: Enable
IP Address: "blank"
Subnet Mask: "blank"
Tunnel MTU setting: 1500
Tunnel UDP Fragment: "blank"
Tunnel UDP MSS-Fix: Disable
nsCertType verification: "unchecked"
CA cert: as per file
Public Client Cert: as per file
Private Client Key: as per file
Additional Config:
resolv-retry infinite
nobind
persist-key
persist-tun
Please can someone review the settings above and advise if I am missing something? I would like to communicate with the remote VPN local network (192.168.0.x).
When using a routed (tun) OpenVPN configuration, the OpenVPN client will *always* be assigned an IP address on the tunnel's IP network, NOT the remote network behind the OpenVPN server. Doesn't matter if the OpenVPN client is the router or a Windows PC. In order to be assigned an IP on the remote network behind the OpenVPN server, the OpenVPN client and server would have to be using a bridged (tap) configuration.
Since I can't see the OpenVPN server config, I can only assume the tunnel's network is using 192.168.254.0 255.255.255.0, given the reported range of assigned IPs.
Normally the OpenVPN server should "push" its own network to the OpenVPN client if it expects that client to route traffic for that network over the tunnel.
Code:
push "route 192.168.0.0 255.255.255.0"
Or else, if the OpenVPN server is configured to change the OpenVPN client's default gateway by pushing the following directive to that client …
Code:
push "redirect-gateway def1"
… then the client will eventually locate the 192.168.0.0/24 network on the other side of the tunnel once it realizes it doesn't have any local routing information for that network.
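The routing behaviour described in the reply above, as an added example that is not part of the original posts: it applies each pushed directive to a client route table and does a longest-prefix lookup for 192.168.0.1. The interface names, the WAN default route and the client LAN 192.168.1.0/24 are assumptions made up for illustration; the tunnel network is the one the reply infers.

```python
import ipaddress

# Constructed client route table before any pushed options (all entries assumed,
# except the tunnel network, which the reply infers from the assigned addresses).
BASE_ROUTES = [
    ("0.0.0.0/0", "wan"),         # ISP default route
    ("192.168.1.0/24", "br0"),    # client-side LAN
    ("192.168.254.0/24", "tun"),  # tunnel network
]

def apply_pushed(options, base=BASE_ROUTES):
    """Return the route table after applying the server's pushed options."""
    table = [(ipaddress.ip_network(net), dev) for net, dev in base]
    for opt in options:
        words = opt.split()
        if words[0] == "route" and len(words) >= 3:
            # "route <network> <netmask>" installs that network via the tunnel
            table.append((ipaddress.ip_network(f"{words[1]}/{words[2]}"), "tun"))
        elif words[0] == "redirect-gateway" and "def1" in words[1:]:
            # def1 leaves the original default in place and overrides it with two
            # /1 routes (the host route to the VPN server itself is omitted here)
            table.append((ipaddress.ip_network("0.0.0.0/1"), "tun"))
            table.append((ipaddress.ip_network("128.0.0.0/1"), "tun"))
    return table

def egress(dest, table):
    """Pick the outgoing interface by longest-prefix match."""
    addr = ipaddress.ip_address(dest)
    matches = [(net, dev) for net, dev in table if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def scenarios(dest="192.168.0.1"):
    """Interface used to reach dest under each server-side configuration."""
    cases = {
        "nothing pushed": [],
        "push route": ["route 192.168.0.0 255.255.255.0"],
        "push redirect-gateway": ["redirect-gateway def1"],
    }
    return {name: egress(dest, apply_pushed(opts)) for name, opts in cases.items()}

if __name__ == "__main__":
    for name, dev in scenarios().items():
        print(f"{name:24} 192.168.0.1 -> {dev}")
```

With nothing pushed, traffic for 192.168.0.1 follows the WAN default route and never enters the tunnel. With `redirect-gateway def1`, all non-local client traffic goes through the tunnel, not only traffic for 192.168.0.0/24.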