What's new

OpenVPN site-to-site with Asus Merlin with 2 domains 192.168.1.x & 192.168.2.x

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

bobby

Occasional Visitor
I have been trying to set up a site-to-site network, with two RT-N66U routers running Merlin 376.48_1 (the latest one)

I can connect both but cannot ping any ip address from the server side to the client side. I tried the settings of Pleske on this forum, but it did not work for me.

Set up is as follows:
Network 1 (Server side)
IP Range: 192.168.1.x/24
Router RT-N66U Firmware Merlin 376.48_1

Network 2 (Client Side)
IP Range: 192.168.2.x/24
Router RT-N66U Firmware Merlin 376.48_1

Requirements: the networks should be able to access and see each other (NAS + VOIP traffic) but internet traffic should be routed locally, not through the VPN.

Obviously there is something wrong with the routing but I don't know what.

I am attaching the settings below, for both the server side and the client side.

Any suggestions on what to change? Thanks in advance.

Afterthought:
Would it be easier to change the ip range in network 2 to 192.168.1.x? There are only 2 dynamic clients in this network. What IP address should the router in network 2 have, in this case, to avoid conflict with network 1?
 

Attachments

  • Server settings.jpg
    Server settings.jpg
    49.5 KB · Views: 991
  • Client Settings.jpg
    Client Settings.jpg
    49.3 KB · Views: 995
Last edited:
Setup your network 2 (client) to 192.168.1.x

Network 1 (Server Router)
Router IP address: 192.168.1.1
Lan IP Pool : 192.168.1.10 - 192.168.1.50

VPN Server Setting:
Allocate from DHCP : No
VPN Client Address Pool : 192.168.1.200 - 192.168.1.225


Network 2 (Client Side)
Router IP address: 192.168.1.2
Lan IP Pool : 192.168.1.51 - 192.168.1.100
 
Last edited:
So here's the weird thing - on the SERVER, go to the settings and at the bottom, do it as such:

http://i.imgur.com/2OMd9OL.jpg

In my image 192.168.50.0/24 is my CLIENT side. Once you have this added, for some reason, the server side can then ping the client side.

You'll see that I have the client<->client box checked, etc. Try this, it should work. It took me forever to figure this out. Truthfully, if you use something like pfSense, you'll see that what Asus is doing is using this really for RA (remote access) not site to site. It'd be cool if Merlin could build in some functionality like pfSense has whereas there's a wizard. In pfSense wizard it'll ask if you want RA or lan to lan. Don't bother using username/password for the connection.
 
I have done the same config, but I cannot access http/ftp or samba from server network 192.168.1.x to the client router 192.168.2.1! Start with WAN is checked! The ping to 192.168.2.1 needs only 1ms *wtf*, the ping to 192.168.2.199 needs 80ms (ping is flowing really over the internet)!
 
I have done the same config, but I cannot access http/ftp or samba from server network 192.168.1.x to the client router 192.168.2.1! Start with WAN is checked! The ping to 192.168.2.1 needs only 1ms *wtf*, the ping to 192.168.2.199 needs 80ms (ping is flowing really over the internet)!
Change the IP from router 2 to 192.168.1.2 and then it will work and have only one of the routers do a DHCP
when you create 2 different networks you cannot see the Samba server but you can access ftp via internet and not via LAN
 
And what is wrong with having OpenVPN server running on each of the routers and then running VPN clients on each of the routers connecting to the other server?

Just do not clash addresses. Routng will automatically go from 192.168.1.1.x to 192.168.2.x and from the other side from 192.168.2.x & 192.168.1.x as and when needed, completely transparent. Each side will have own local exit to the Internet, also.
 
I have been trying to set up a site-to-site network, with two RT-N66U routers running Merlin 376.48_1 (the latest one)

I can connect both but cannot ping any ip address from the server side to the client side. I tried the settings of Pleske on this forum, but it did not work for me.

Set up is as follows:
Network 1 (Server side)
IP Range: 192.168.1.x/24
Router RT-N66U Firmware Merlin 376.48_1

Network 2 (Client Side)
IP Range: 192.168.2.x/24
Router RT-N66U Firmware Merlin 376.48_1

Requirements: the networks should be able to access and see each other (NAS + VOIP traffic) but internet traffic should be routed locally, not through the VPN.

Obviously there is something wrong with the routing but I don't know what.

I am attaching the settings below, for both the server side and the client side.

Any suggestions on what to change? Thanks in advance.

Afterthought:
Would it be easier to change the ip range in network 2 to 192.168.1.x? There are only 2 dynamic clients in this network. What IP address should the router in network 2 have, in this case, to avoid conflict with network 1?
Did you ever get you VPN site-to-site working???
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top