File sharing on a Beryl VPN server not accessible from a Beryl VPN client

I have been experimenting with the GL-AXT1800 (Slate AX) and the GL-MT1300 (Beryl) for some time and I got an anomaly with the Beryl that I do not have with the Slate AX. Both the Slate AX and the Beryl routers have the most recent updates.

Case (A): Using the Slate AX as a VPN Server (either using OpenVPN or WireGuard) I can access a microSD card located in the Slate AX server from a Beryl client (using either OpenVPN or WireGuard).

Case (B): If I use a Beryl as a VPN Server (either using OpenVPN or WireGuard) I cannot access a microSD card located in the Beryl server from another Beryl acting as a VPN client (either using OpenVPN or WireGuard). Note that the microSD card is accessible (using \192.168.9.1) when connected to the Beryl server, but not when connected to the Beryl client and the VPN tunnel is active. I have verified that the setting “access local network” is activated in the server. The equivalent setting “allow remote access LAN” in the Slate AX is of course also activated.

As in both situations I have access to the File Sharing (using Samba) when working locally, I assume the problem is not with the Samba settings but with the VPN or network settings.

I am going to describe the connections for case (B) with the Beryl Server using OpenVPN Server.

Connections:

The Beryl Server has IP 192.168.9.1 and is connected by cable to the front-end modem/router which is connected to the internet using a static WAN IP (thus no DDNS needed). Port Forwarding is activated on the front-end modem/router to allow access to 192.168.9.1 from outside.

The Beryl Client has IP 192.168.8.1 and is connected to the internet by repeater wireless. In this tests I am using the wireless of my neighbor with a different WAN IP than my own WAN IP. The cable is disconnected to force the traffic through the WIFI of my neighbor.

Observations:

B1) When the VPN tunnel is active (Client OpenVPN connected to Server OpenVPN) I have access to the internet (from the Beryl Client 192.168.8.1) through my WAN IP, not the WAN IP of my neighbor (verified using a “what is my IP address“ site).

B2) If I try \192.168.9.1\ (the Beryl server file sharing) from the client Beryl, I get the windows error message “Windows cannot access \192.168.9.1, error code 0x80070035”

B3) If I ping the Beryl server 192.168.9.1 from the Beryl client 192.168.8.1 I get normal results. The same if I ping 10.8.0.1.

B4) now this one is very strange: If, when connected to the Beryl client 192.168.8.1, I log in to the Beryl at 192.168.9.1 (the Beryl Server) I enter the UI interface but what I get is not the interface of the Beryl Server, but the interface of the Beryl client!!! Thus where it should show under VPN that OpenVPN server is active, it shows that OpenVpn CLIENT is active !!! Thus loging to 192.168.9.1 logs to 192.168.8.1 instead.

All these observations are similar if I use as VPN Wireguard Server and Client instead of OpenVPN Server and Client.

The same tests using the Slate AX as Server (case (A)) and the same Beryl 192.168.8.1 as client (this time using of course the settings defined in the Slate AX server) work as expected, without glitches.

Has anyone had this problem before, and how to solve it?

I discovered the problem myself….
The Client Beryl at 192.168.8.1 has the original factory LAN settings: 192.168.8.1 for the normal LAN and 192.168.9.1 for the GUEST LAN (both IP’s not modified by me). I did not modify any of these IP’s. But I did modify the LAN IP of the Server Beryl from factory setting 192.168.8.1 to 192.168.9.1 in order to be able to have both Beryls on the same network.

When connected through the VPN tunnel and I access 192.168.9.1 (which is the IP of the Server Beryl) from the Beryl Client at 192.168.8.1, the routing accesses the inactive GUEST LAN instead of the remote Server LAN at 192.168.9.1. When I changed the GUEST LAN IP to 192.168.18.1 (it could be another value far away from 192.168.9.1) the problem disappeared.

If the GUEST LAN IP would be disabled when the Guest LAN is not enabled, I would not have this problem. Perhaps a suggestion: Disable the GUEST LAN IP when the GUEST LAN is not enabled! Otherwise a suggestion for the docs: when the user changes the LAN IP, he should change the GUEST LAN IP as well, even if the GUEST LAN is not active.

Thanks!

3 Likes

Yes. This should be the case.