No internet via Slate AXT1800 when connected to VPN Server via OpenVPN, via Repeater?


I need some help trying to figure out why my Slate AXT1800, when connected (as a Client) to my ASUS RT-AX86U via OpenVPN (VPN config exported from Asus Router) does not provide internet access at all.

I first connected the Slate to the network (same ASUS Router) in Repeater Mode. This works fine, it connects, has internet access and is given a DHCP IP address by the router.

I am reasonably confident my OpenVPN config is fine, I have operated it from iOS and Windows devices (remotely) and used RDP with no issue.

One issue I did have in trying to get this thing to work was that this profile would NOT turn on via the GLINET APP; only via the webadmin page. Possibly a separate GLiNET app issue?

In the ASUS Router VPN Webadmin page I can SEE the GLiNet device is connected via the correctly named profile. So, why does it not give me internet access? Running 4.1.0 beta 3 29Oct22. Set the SLATE on to avoid issues with IP addresses of certain MiFi dongles.

I even tried enabling IPV6. Nope.

Before I reset everything, am I missing a step here ?



Which version of the App do you use?
Can you provide a template for your OpenVPN profile (with all privacy and encryption information removed)?

Please check the routing table on SlateAX. Or run the traceroute command on SlateAX to see if it is forwarded to the server correctly.

  1. GLiNET App Version 1.3.2 (122) on iPad. Same on iPhone

# Config generated by Asuswrt-Merlin 386.7, requires OpenVPN 2.4.0 or newer.

dev tun
proto udp
remote 1194
resolv-retry infinite
ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC
keepalive 15 60
remote-cert-tls server



  1. See attached.

The first set (the ones that work) are routes when the Slate is connected to my ASUS Router in Repeater Mode only. Internet Works. IPV6 (there was a message about IPV4).

The second set (the ones that do not work) are routes when the Slate is in VPN Mode.connected to my Router in Repeater Mode, but the . Internet Works. IPV6 (there was a message about IPV4).

There are a few other issues with the GLiNET but I wil post on thes separately.

The VPN client does not yet support IPv6. Can you see the IP address of your asus router if IPv6 is disabled and the VPN is enabled using traceroute?

I’m sorry you’re going to have to explain a wee bit more what you need me to do here?

I’m good at following instructions, reasonably tech savvy, but I’m not in IT or know anything about Nix etc so working out what you’d like me to do is a challenge.

If my main ASUS Router runs OpenVPN Server and IPv6 is enabled, do I have to disable IPv6 on that router before the SLATE OpenVPN client can connect to it; is this what you mean?

By “see” the IP address of my router, do you mean can I access the ASUS admin page with IPv6 disabled (on the SLATE client?) Leaving OpenVPN on with IPv6 off I ran traceroute to the asus server on see attached.

Is this what you need?

Let me re-explain.

  • Your OpenVPN Client profile does not have IPv6 enabled. it uses the parameter proto udp6 to enable it.
  • The VPN Client feature on the AXT1800 does not yet support IPv6.

So you should disable IPv6 on the AXT1800 and then retest traceroute
We now need to verify that when the AXT1800 accesses the Internet, the packets are correctly forwarded to the RT-AX86U.

Ok so :
running OpenVPN client on the Slate, no IPv6
running OpenVPN Server on the RT-AX86U, IPv6 enabled.

Trace route below. I stopped after 9… it goes to 20.


PS changed Slate to IP as is the Guest Network. reserved for fixed MiFis.

One more question, which of the following do you mean here?

  • Two RT-AX86Us in two different locations, one as an OpenVPN Server and the other as the main router for the AXT1800.
  • One RT-AX86U, which acts as the OpenVPN Server and also as the main router.

If is the virtual address of your OpenVPN Server, then packets accessing the Internet are reaching the RT-AX86U correctly, and as to why the RT-AX86U is not sending it, you should check the configuration of the RT-AX86U.

The second: One RT-AX86U, which acts as the OpenVPN Server and also as the main router.

That’s odd because as noted above I have long had a successful VPN connection when I access my ASUS VPN via any Windows or iOS OpenVPN client, using the exact same OVPN profile.

Why then, in attempting the same using the SLATE, does it not work, and becomes a problem with the ASUS? I struggle with this (not saying you are wrong, it just doesn’t make sense).


Why do you use it in this way?
I’m not sure if this will result in a loopback on OpenVPN Server. This should be an undefined usage scenario for OpenVPN.

I am just testing it before my wife takes a trip. Eventually it will be abroad and I wanted her to be able to turn on the vpn on the SLATE maybe assigned to an easy button, then she can access my ASUS router and RDP to home PC resources without having to tun OVPN from her PC; which is the current arrangement. I’m pretty miffed it doesn’t work like I intended (but maybe it’s me).

Do Windows or iOS devices also have direct access to the RT-AX86U’s Wi-Fi?

No, what I mean is that the OpenVPN Server needs to be checked to see why the forwarding is not taking place. We haven’t identified the problem yet.
I personally suspect more of a loopback causing it. Can you have the AXT1800 networked in another way (without RT-AX86U) and try again?

[quote=“yuxin.zou, post:14, topic:24905”]
Do Windows or iOS devices also have direct access to the RT-AX86U’s Wi-Fi? [/quote]

Yes, some do. But my testing of the connection is via the iPad connected to the SLATE WIFI; which is connected to the ASUS via Wi-Fi repeater mode. Eventually this will not be the connection mode.

I can but I’m going to need some guidance how. Shall I try to tether it to my phone? I thought about attaching it via Ethernet but that didn’t make sense?

You can use the Networking Wizard on the App. It will guide you configure to Tethering.
Network Tab - Internet - Networking Wizard

Or refer to the document if you do not have another phone.

OK thanks!

So I’ve learnt a bunch of stuff (steep learning curve).

Using tethering (LTE ONLY) on the SLATE I can access the ASUS Webadmin and run RDP with OpenVPN enabled. This is the behaviour I expected. It is RDP my wife needs, not internet access via OpenVPN. I must apologize here as I forgot I had “LAN only” enabled on the VPN Server; hence no internet.

I still do not know why I can NOT access the ASUS Webadmin and run RDP with OpenVPN enabled, when the SLATE is connected to the ASUS Router in repeater mode, although if it works outside my LAN it’s not a major issue. Just harder to test at home. Be nice for it work though :+1: :grinning:


For RDP, can you check if it is Windows firewall blocking it. I do a lot of support and the main reason is that windows firewall.

For Asus web admin, not sure what is the reason.

It works fine when I’m not using the SLATE so I’m not sure if the firewall really is the culprit. If you go through the thread above you will see the inability to use RDP (when the SLATE is also connected in repeater mode) via OkenVPN is solely when I try to use the SLATE (noting that OUTSIDE my network the SLATE works as expected).

Openvpn is complicated because it push route to the client.

While the using openvpn on the router add extra layer of NAT so the route is more complicated.

I read through the post again, too long. So the problem happens if you configure ovpn using app or web panel right?

Can you post the system log of the router after vpn is connected?

What is the IP of your RDP server?