Posted: Fri Aug 20, 2021 1:21 Post subject: Newbie OpenVPN question
I have an asus router at my house that is setup with OpenVPN as the server. I created a key and installed the OpenVPN app on my phone. I can get to my devices on my home network via my phone using the VPN app.
I have a vacation home that has multiple IP cameras. I have flashed DDWRT to an old Netgear R6250 router and would like to set up a way using this router to either create a new Server or do a point to point tunnel between my two locations so I can always see my IP cameras.
Total newbie when trying to set this up. The Asus way of setting up OpenVPN was fairly easy, but the screens I'm getting on my Netgear router look a lot more complex.
I've looked online but they all seem to be for setting up a server, which I'm not even sure I need to do?
Joined: 15 Aug 2016 Posts: 223 Location: Melbourne, Australia
Posted: Fri Aug 20, 2021 3:01 Post subject: Re: Newbie OpenVPN question
jwadsley wrote:
...I've looked online but they all seem to be for setting up a server, which I'm not even sure I need to do?
More often, it can be intimidating a task which one has mastered elsewhere but has to start from scratch due to differences in GUI. I was a BETA tester of Windows 95 before it was launched. Despite that, I had to spend several hours familiarizing myself with each later versions of Windows to enable a smooth ... sailing afterward.
Don't let it intimidate you. Here is a step-by-step as laid out in the linked doc. by egc below.
Joined: 15 Aug 2016 Posts: 223 Location: Melbourne, Australia
Posted: Fri Aug 20, 2021 23:28 Post subject:
I still remember vividly what my mum taught me when young to ask nicely when you need help. Especially from a stranger. My mum has now passed away and I am more than 60 years young, with my oldest daughter at 34.
Somehow typing onto a screen using a keyboard tends to make users forget that these are just medium. It still requires someone's thoughts, on the other side of the server.
This forum, as far as I know, is contributed by volunteers. Not paid workers.
P.S. I stand to be corrected. If wrong. _________________ Life is a journey; travel alone makes it less enjoyable and lonely.
Joined: 08 May 2018 Posts: 14222 Location: Texas, USA
Posted: Sat Aug 21, 2021 4:09 Post subject:
We don't know what Asus router you have that is running stock (or RMerlin / AsusWRT-Merlin) or other details. Specific information is quite helpful for us to help you. _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Joined: 18 Mar 2014 Posts: 12889 Location: Netherlands
Posted: Sat Aug 21, 2021 5:45 Post subject:
DDWRT uses OpenVPN 2.5.3.
This is compatible with OpenVPN 2.4.
The latest 2.4 version which has the latest security fixes is 2.4.9.
So if stock or Merlin uses at least 2.4.9 you are fine.
But with any 2.4.x it should work.
Edit:
Setup your home as OpenVPN server attach your vacation home as client site-to-site setup.
You now have bidirectional traffic between home and vacation home.
You can use your phone to connect to your home (like you are doing now) and when connected can also see your holiday home.
Let me add another twist to this equation, my parents would also like to connect to see our vacation home cameras....can I add a second client at their house and then all three of us can see each other's cameras?
I assume I need a different 192.168.X.XX address range for each home so they VPN connection and the local connections don't conflict with each other?
We don't know what Asus router you have that is running stock (or RMerlin / AsusWRT-Merlin) or other details. Specific information is quite helpful for us to help you.
My Asus Router is RT-AC87R and I believe from looking at the log VPN is 2.4.7?
OpenVPN 2.4.7 arm-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May 1 2021
Joined: 18 Mar 2014 Posts: 12889 Location: Netherlands
Posted: Sat Aug 21, 2021 15:01 Post subject:
2.4.7 had some minor security issues, I would upgrade but that is just me it is not terribly important.
You can tie everything together So one server and multiple clients which can see each other.
It is not easy especially if you use different builds i.c. firmwares
and yes everything has to be on a different subnet.
Maybe not everyone will agree but setting this up with WireGuard is easier.
In the WireGuard Advanced setup guide is an example of a 3 way site-to-site setup.
Here is a step-by-step as laid out in the linked doc. by egc below.