Connecting to LAN through VPN

Hi all, I have been unsuccessful in using OpenVPN Client to connect through my GL-AXT1800 to the devices on the LAN. My setup is fairly basic: LAN – GL-AXT1800 – Internet – OVPN Client

I’ve spent time on these forums to try and resolve this issue and can validate the following settings:

  • Allow Remote Access LAN is enabled
  • Route Rule added for my LAN subnet (192.168.17.0/24)
  • LuCI firewall tab shows ovpnserver => LAN/WAN is accept/accept/accept

I can use the OpenVPN client to connect to the router. I can ping the router (192.168.17.1) and I can manage it remotely, but I cannot ping any devices past the router. What steps am I missing to make this setup work?

Many thanks in advance!

What is your OpenVPN client device?
If it’s also a GL router, only

  • Allow Remote Access LAN is enabled

is needed on the GL-AXT1800 OpenVPN server.

Thanks for the reply! My client is my PC, not another router.

I spent some time on this today and I discovered that my LAN devices are not able to get out to the Internet. They can receive a DHCP address no problem, but they cannot ping the router on the LAN side (though my VPN client can ping the router). I also tried switching from LAN1 to LAN2 but that didn’t help.

I checked the firewall rules and LAN is allowed out to the WAN and to VPN. Is there another policy somewhere that could be blocking LAN access to the Internet? This is probably what’s preventing my VPN client from accessing the devices.

Why not just use Tailscale which appears to be working perfectly well for a similar scenario to yours in my situation?

Is Tailscale built into this router? I purchased the router for the native VPN capabilities, so I’d like to use them.

Plus I believe the issue atm is that the router is blocking traffic out to the Internet, I’m not sure this is a VPN issue anymore.

Yes, it is built into the newer 4.2.X builds of the firmware and works very well.

Okay thanks, I’ll upgrade the router and look into that as the VPN. In the meantime, I still need to figure out why these devices can get DHCP but can’t get out to the Internet, and assumedly this is why they can’t get to the VPN devices.

The router can be configured via the VPN, so Internet access is there. I’m also testing with IP addresses so DNS wouldn’t be an issue here.

My internal switch cannot ping the router’s IP, but it gets ARP resolution and so connectivity is there. Very strange.


How is your Slate AX connected to the web? Are you in a double NAT situation? Nevertheless, try Tailscale as it is so easy to use with no configurations, punching holes through firewalls or setting up port forwarding required.

Hi @kishsquared,
I’m not sure I 100% understood your problem, but did you accidentally activate the option “Block NON VPN traffic” on your Gli device, in the VPN Dashboard’s global options?
Disabling this option should allow Internet access to clients of your gli device.

Another problem is that you can’t get access to the local area network of your gli device from the outside, maybe firewall and traffic rules.

Could you please upload screenshots of the LuCI main firewall settings and the firewall Traffic Rules for the OVPN server / client? They are in the “Traffic Rules” tab.
It is possible that you previously created a deny rule, which may be higher in the Traffic Rules list and therefore have priority.

If it still does not work, we can start an AnyDesk remote help session.
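The rule-ordering check suggested in the reply above, as an added example that is not part of any post in this thread: it parses text in `uci show firewall` format and lists zone-wide REJECT/DROP rules that sit above an ACCEPT rule for the same source and destination zones. The sample input and its rule names are constructed; only the `ovpnserver` zone name and the LAN subnet come from the thread.

```python
import re
from collections import defaultdict

# Constructed sample in `uci show firewall` format; rule names are illustrative.
SAMPLE = """\
firewall.@rule[0]=rule
firewall.@rule[0].name='Block-LAN-test'
firewall.@rule[0].src='ovpnserver'
firewall.@rule[0].dest='lan'
firewall.@rule[0].proto='all'
firewall.@rule[0].target='REJECT'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-VPN-to-LAN'
firewall.@rule[1].src='ovpnserver'
firewall.@rule[1].dest='lan'
firewall.@rule[1].dest_ip='192.168.17.0/24'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-Ping'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='icmp'
firewall.@rule[2].target='ACCEPT'
"""
OPTION = re.compile(r"firewall\.@rule\[(\d+)\]\.(\w+)='?(.*?)'?$")
NARROWING = ("src_ip", "src_port", "dest_ip", "dest_port")

def parse_rules(text):
    """Return the rule sections as dicts, in list (evaluation) order."""
    rules = defaultdict(dict)
    for line in text.splitlines():
        m = OPTION.match(line.strip())
        if m:
            rules[int(m.group(1))][m.group(2)] = m.group(3)
    return [rules[i] for i in sorted(rules)]

def shadowed(rules):
    """Heuristic: (deny, accept) name pairs to review; addresses are not compared."""
    hits = []
    for i, early in enumerate(rules):
        # Only a deny with proto 'all' and no address/port option is treated as zone-wide.
        zone_wide = early.get("proto") == "all" and not any(k in early for k in NARROWING)
        if early.get("target") not in ("REJECT", "DROP") or not zone_wide:
            continue
        for late in rules[i + 1:]:
            if (late.get("target") == "ACCEPT" and
                    (late.get("src"), late.get("dest")) == (early.get("src"), early.get("dest"))):
                hits.append((early.get("name"), late.get("name")))
    return hits
```

For the constructed sample, `shadowed(parse_rules(SAMPLE))` reports the pair `Block-LAN-test` / `Allow-VPN-to-LAN`; moving the ACCEPT rule above the REJECT rule clears it.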

Thanks for the help! Here’s the firewall settings. The only change I believe I made was changing “Forward” to accept on the vpnserver.

Here are my VPN global settings - I appreciate you pointing this out as I hadn’t noticed they exist. Looks like that setting is disabled.

I think at this point my issue is that my LAN devices can’t get out to the Internet, despite receiving DHCP. As mentioned before, they cannot ping the router, but they get ARP responses from it. Very strange.

@hansome I’m open to a remote session to try and resolve this.