Hi All, I am able to connect to my OpenVPN server on my Asus RT-AC68U router; however, I am unable to connect to / ping any of my devices on my LAN. My network settings are as below:
WAN IP with 210.x.x.x
LAN IP = 192.168.1.1
LAN Devices IP in the 192.168.1.xxx range
VPN Server Settings as follows:
Interface Type: TUN
Protocol: UDP
Server Port: 443
Respond to DNS: Yes
Advertise DNS to Clients: Yes
Encryption Cipher: AES-256-CBC
HMAC Authentication: SHA 1
Compression: Adaptive
Authorization Mode: TLS
Username / Password Auth. Only: Yes
RSA Encryption: 1024 bit
Extra HMAC Authorization: Disable
VPN Subnet/Netmask: 10.8.0.0 / 255.255.255.0
Push LAN to Clients: Yes
Direct Clients to Redirect Internet Traffic: No
TLS Renegotiation Time: -1
Manage Client-Specific Options: No
I exported the above configuration file and imported it into OpenVPN Connect on my iPhone. Once connected, I am able to ping my LAN IP but nothing else on the LAN. I have also checked with whatsmyip.com: when I am connected to Wi-Fi, my IP is the same as my WAN IP. However, when connected to 4G and OpenVPN, my IP is still the same as when it was solely on 4G without a VPN connection. I am guessing this might be the problem?
Also I have the OpenVPN log from the iPhone below:
Open VPN Start
OpenVPN core 3.2 ios arm64 64-bit PT_PROXY
Frame = 512/2048/512 mssfix-ctrl=1250
UNUSED OPTIONS
2 [nobind]
5 [sndbuf] [0]
6 [rcvbuf] [0]
EVENT : RESOLVE
Contacting [210.x.x.x]:443/UDP via UDP
EVENT : WAIT
Connecting to [vpn.asuscomm.com]:443 (210.x.x.x) via UDPv4
EVENT: CONNECTING
Tunnel Options:V4,dev-type tun,link-mtu 1558,tun-mtu 1500,protoUDPv4,comp-lz0,cipher AES-256-CBC,authSHA1,keysize 256,key-method 2,tls-client
Creds: Username/Password
Peer Info: IV_GUI_VER=net.openvpn.connect.ios 3.0.1-770
IV_VER=3.2
IV_PLAT=ios
IV_NVP=2
IV_TCPNL=1
IV_PRONTO=2
IV_LZO=1
VERIFY OK: depth=0
Cert.version: 3
Serial number: 01
Issuer name: C=TW, ST=TW, L= Taipei,O=ASUS,CN=RT-AC68U
emailAddress=me@myhost.mydomain
subject name: C=TW,ST=TW,L=Taipei,O=ASUS,CN=RT-AC68U,
emailAddress=me@myhost.mydomain
issued on: 2018-09-15
expires on: 2028-09-12
signed using: RSA with SHA1
RSA kev size: 1024 bits
Basic constraints: CA=false
Cert.type: SSL Server
Key usage: Digital Signature, Key Encipherment
Ext key usage: TLS Web Server Authentication
SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
Session is ACTIVE
EVENT: GET_CONFIG
Sending PUSH_REQUEST to server…..
OPTIONS:
0 [route] [192.168.1.0] [255.2555.255.0][vpn_gateway][500]
1 [dhcp-option][DNS][192.168.1.1]
2[route][10.8.0.0][255.255.255.0]
3[topology][net30]
4[ping][15]
5[ping-restart][60]
6[ifconfig][10.8.0.6][10.8.0.5]
PROTOCOL OPTIONS:
Cipher: AES-256-CBC
Digest: SHA1
Compress: LZO
Peer ID: -1
EVENT: ASSIGN_IP
NIP: preparing TUN network settings
NIP: init TUN network settings with endpoint: 210.x.x.x
NIP: adding IPv4 address to network settings 10.8.0.6/255.255.255.252
NIP: adding(included)IPv4 route 10.8.0.4/30
NIP: adding(included) IPv4 route 192.168.1.0/24
NIP: adding(included) IPv4 route 10.8.0.0/24
NIP: adding DNS 192.168.1.1
NIP: adding match domain ALL
NIP: adding DNS specific routes:
NIP: adding(included) IPv4 route 192.168.1.1/32
Connected via NetworkExtentionTUN
LZO-ASYM init swap=0 asym=0
EVENT:CONNECTED username@vpn.asuscomm.com:443 (210.x.x.x) via /UDPv4 on NetworkExtensionTUN/10.8.0.6/ gw=[/]
In router routing table I have the following information:
Destination Gateway Genmask Flags Metric Ref Use Type Iface
10.8.0.2 * 255.255.255.255 UH 0 0 0 tun21
210.x.x.x * 255.255.255.255 UH 0 0 0 WAN0 eth0
210.x.x.x * 255.255.255.252 U 0 0 0 WAN0 eth0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun21
192.168.1.0 * 255.255.255.0 U 0 0 0 LAN br0
default 210.x.x.x 0.0.0.0 UG 0 0 0 WAN0 eth0
I've gone through the post by Yorgi several times and I believe I have set it up as per his instructions. I've also trawled the web trying to find a solution to my problems and none have solved my problem. Thus any help would be greatly appreciated. Thanks in advance.
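Added example, not part of the original post: a Python check over an OpenVPN Connect log like the one above. It lists which networks the pushed routes send through the tunnel (with no `redirect-gateway` pushed, internet traffic and therefore the public IP stay on the mobile link) and flags the weak parameters visible in the log. The sample log is constructed from the post's lines with transcription typos normalised, and all function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample modelled on the client log in the post (typos normalised).
SAMPLE_LOG = """\
signed using: RSA with SHA1
RSA key size: 1024 bits
SSL Handshake: TLSv1.0/TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA
0 [route] [192.168.1.0] [255.255.255.0][vpn_gateway][500]
1 [dhcp-option][DNS][192.168.1.1]
2[route][10.8.0.0][255.255.255.0]
6[ifconfig][10.8.0.6][10.8.0.5]
"""

def pushed_options(log):
    """Return each numbered option line as a list of its bracketed fields."""
    return [re.findall(r"\[([^\]]*)\]", line)
            for line in log.splitlines() if re.match(r"\d+\s*\[", line)]

def tunnel_routes(opts):
    """Networks the client will send through the VPN."""
    return [ipaddress.ip_network(f"{o[1]}/{o[2]}")
            for o in opts if o[0] == "route" and len(o) >= 3]

def is_full_tunnel(opts):
    """True only if the server pushed redirect-gateway (all traffic via VPN)."""
    return any(o[0] == "redirect-gateway" for o in opts)

def via_tunnel(routes, addr):
    """Does traffic to addr match one of the pushed routes?"""
    return any(ipaddress.ip_address(addr) in net for net in routes)

def weak_crypto(log):
    """Flag handshake and certificate parameters below current baselines."""
    findings = []
    m = re.search(r"RSA key size:\s*(\d+)", log)
    if m and int(m.group(1)) < 2048:
        findings.append(f"rsa-{m.group(1)}")      # RSA modulus under 2048 bits
    if re.search(r"signed using:.*SHA1", log):
        findings.append("cert-sha1")              # SHA-1 certificate signature
    m = re.search(r"SSL Handshake:\s*TLSv(\d\.\d)/(\S+)", log)
    if m:
        if float(m.group(1)) < 1.2:
            findings.append(f"tls-{m.group(1)}")  # TLS 1.0/1.1 are deprecated
        if "3DES" in m.group(2):
            findings.append("3des")               # 64-bit block cipher suite
    return findings
```
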