Bridging GL-AR750 + Have Active VPN

Hi All!

My GL-AR750 is in router mode because it is using the VPN capability. As such, it is on its own gateway path of 192.168.8.1 versus the main network running on the path 192.68.1.1. The main network can’t ping the GL-AR750 because they are separated this way.

It is important that the VPN is running on the GL-AR750 access point.

Is there a creative solution to mixing them together so that the devices connected to the GL-AR750 can be seen on the same network?

Regards,
Enterfrize

Even if the VPN runs in AP mode, other devices on the 192.168.1.1 subnet cannot use it because the router in AP mode does not have the nat function.

The DROP-in gateway mode might suit your needs, but it is a 4.2 feature that is currently not supported by the AR750.

I was more thinking about network devices seeing each other. So it’s OK if not all the devices can share the VPN. I’m more interested in devices seeing each other on the same network regardless of how they are connected to the Internet.

I read that a static route might be the solution (see the bottom of this article).

1 Like

OK - I’m just not having luck. :slight_smile:

I read that port forwarding could be an option, but I’m not doing it right (if there is a right way of doing this!).

All I want is:

  1. One main network router with its own unprotected Internet connection. This is what connects to the Internet.
  2. A secondary router with VPN (AR750). This connects to the main router via the WAN port.
  3. Just one or two devices connected to the AR750 VPN router through WIFI.
  4. For devices on the main router to see the devices on the AR750 VPN router. The main router is 192.168.1.X and the VPN router is 192.168.8.X.

I do NOT need the devices on the main router to feed through the VPN of the AR750. I just want the devices to see each other on the network. Even if I have to manually enter the IP addresses to be seen, that would be OK.

Is there a solution for this?

Ideas I’ve seen posted include:

  1. Port forwarding
  2. Static route

Is this beyond the capability of the AR750 router?

Regards,
Enterfrize

One more wrinkle.

It occurred to me that the port connection is through WAN on the AR750 because this is what the VPN works through. Does this mean that all data going through that VPN port is encrypted and therefore unrecognizable by a networked device?

I tried connecting an additional ethernet cable between the routers on a non-WAN port. It didn’t make a difference for me, but maybe this is a factor too if that WAN port is not something that could be networked through.

I DID IT!!!

Could someone explain HOW I did it though? I’ll explain my question…

  1. Router 1 is my main router. 192.168.1.1, DHCP, etc.
  2. Router 2 is AR750. IP is 192.168.8.1. Static Internet IP of 192.168.1.202 (I have a reason for that). Gateway 192.168.1.1, DNS 192.168.1.1 for the Internet settings on the AR750.
  3. My stereo system is connected to AR750. VPN is ON. Static IP in AR 750 of 192.168.8.5.

I did IP sniffing on my main network, and I found that the AR750 has an IP address in the network (192.168.1.202). What I discovered was that IP address is my stereo system and not the AR750 router! So the device IS visible, but it’s under the router’s name and not the device’s name.

I connect and can control my stereo through the IP within the main network (192,168.1.202), and the stereo runs through the VPN on the AR750 (192.168.8.5).

So it works.

This is what I don’t understand. I settled on a static IP of 192.168.1.202 for the Internet in the AR750 router. It was just a single IP choice; not a list of IPs. What if I had other devices on that network beyond just my stereo? Would the AR750 have created additional IP addresses in the main network to compensate? Why did this work for me?

Regards,
Enterfrize

It is actually possible to set up a GL.iNet router in Router mode on the main network LAN and IP subnet, without connecting the WAN port, and still be able to run a VPN client on it.

Here is a procedure to set up the GL.iNet router as a “LAN-only” access point:

After that is working, configure and start a VPN client on the GL.iNet router. On each device that is to connect over VPN, manually set a static IP address, gateway IP address to the GL.iNet router and DNS server IP address as appropriate.

I do not work for and I do not have formal association with GL.iNet

It sounds like you have set up port forwarding on the GL.iNet router from the WAN IP 192,168.1.202 (router) to the LAN IP 192.168.8.5 (stereo). If this is the case, then port forwarding will only work to a single IP on the LAN, but not to 2 or rmore LAN devices on the same port.

BINGO!!!

That’s exactly what happened. I did set up that Firewall rule and I thought it hadn’t worked. Turns out I misunderstood how to use it.

Thank you for that!

Enterfrize