I have a GL-MT300N-V2. The device is simple enough. I would like it to do VPN Server only though. I bought a eero mesh system for my home and it does not allow for static routes. I would like to setup the device in a mode other than router that provides my ability to VPN into my network, utilize my existing DHCP, and be able to access the other devices on my network. Is this possible?
I did have the device setup. Both the LAN and WAN ports were connected to my internal network and I had the WAN setup with an internal IP address coming from DHCP from my eero and the LAN was the default (different IP range) and I had the VPN server setup to use my local network. This appeared to work except it had issues with detecting other devices on my network as devices attached to the GL.
Would love to see a mode setup for VPN server only where we can connect up the WAN or LAN, setup the VPN server, then have it connect and access the network.
I have done this and it works. In the connected device list for the Router page, it shows some wired and some wireless devices even though they are not connected to the GL-MT300N-V2. Like it has devices connecting to it but not really.
I want to only use the device as a VPN server. I have no other purpose for it and the Eero unfortunately doesnât have the capability without breaking the pay wall for monthly service fees.
Right, I had put in a tech support request to run ONLY the VPN server. This is not currently possible. The device has been working just fine, the LAN output that it has is serving up a different subnet. When asking for advise on this forum it was indicated that it would be just fine. Unfortunately that has proven to not be the case. This was the only way to get to the devices on my network through the VPN server. If I can disable the DHCP, then I have the ability to keep the ârecommendedâ configuration for VPN server only and access my local LAN via the VPN server.
I donât see why it is not possible to run a VPN Server on the MT300N-V2. As far as I read the thread, it is working well. It just canât be reached, because of your infrastructure.
Put exact this device with exact this configuration at any router and add a simple port forwarding and you can use the Mango as VPN Server. Right?
Why canât you just follow the advice and plug out the LAN? There is no DHCP running on WAN. And the VPN will be still available.
And depending on the setup you are able to reach the admin panel as well, within the VPN.
Or plug LAN behind the Eero direct on the router (the DHCP, I assume?). With a little luck the delay to the clients is big enough, that the router is ale to answer first.
DHCP requests are not subnet aware. Client asking FF:FF:FF:FF:FF:FF: âhey, has someone data for me?â, any DHCP which is first reply âhey, gotcha friend. here are your dataâ ⌠And FF:FF:FF:FF:FF:FF (broadcast) is not part of any subnet, as we all know. Not a Mango issue, thatâs how it works.
If youâve hat a different VLAN and a managed switch, it could work. But with a normal switch, youâll have a ârace conditionâ problem with two DHCP. And even if youâve solved this, how will be the further routing? The Clients from subnet A wonât be able to easily reach subnet BâŚ
But to make it easy:
Disable DHCP 1:
Put router in âBridge Modeâ. This should disable DHCP Server.
Disable DHCP 2:
login to your router via ssh
edit the file /etc/config/dhcp
add option ignore '1' at the end of block config dhcp 'lan'
There is no bridge function on this device. If you only have the WAN plugged in, then you only get to the VPN server and none of the devices on the network. If you have both plugged in and disable DHCP, then you do not have a dual DHCP setup.
Thank you for the clarification. I really do appreciate the explanation of DHCP and the like, am long time veteran of IT. This device is just a vexing little device for itâs simplicity and complexity at the same time. Once I got the LuCI installed, I was able to disable the DHCP on the interface or âignoreâ it to be more specific, I have had no issues since then. The device works as I would expect now as a VPN Server only that is able to access my network devices.
Again, thanks for the help LupusE. That was the missing piece I didnât have.