OpenVPN Server behind ISP Router - can't connect


I’ve got the following set-up:

  1. ISP router with a public IP
  2. GL.iNet GL-AR300M16 (GL-AR300M Series / Shadow) router with an OpenVPN server setup and running

The ISP router is set-up as a bridge. With a router mode, the IP is private, and when connected to it directly or through the Shadow router (without OpenVPN), I can see it’s private:

However with a bridge mode it changes to public:

The Shadow router is connected as a repeater:

When I configure and export OpenVPN file I get:

The IP in line 4 is what I see when googling my IP address.

I can start the server but I can’t connect it. I’ve tried different ways:

  • from Android phone and Windows laptop
  • from the same WiFi (connecting to the Shadow router) and through another internet provider

In all cases I can’t connect.

Do you have suggestions what I’m doing wrong?

Thanks a lot!

What do you mean by “googling my IP address”? When I export an OpenVPN .opvn config, it contains the remote IP address of my real public IP and matches what is shown by and

You can look up the 89.x.x.x IP address on those 2 websites to see who owns it and where it is. Was your router connected as a client to an external VPN when you exported the config?

You can try editing the config file and changing the remote address to your 100.x.x.x Public IP address.

100.x is not the public IP which is 89.x. So you didn’t get a public IP from your ISP.

Pls confirm that.

1 Like

I forgot that 100.x.x.x is an IP address within the ISP’s internal network.

Thanks @alzhao & @wcs2228.

Yes, unfortunately that’s correct - I’m speaking with the ISP to get a public IP.

Assuming that’s done, would the Shadow router allow me to set up VPN server that I’d be able to connect to from outside my home and would allow me to access my home internet? Or, when connecting from outside, I’d only access the internal/home network?

It “should” work if the configuration is correct and there are no major bugs in the firmware.


  1. Upgrade to the latest stable firmware at GL.iNet download center.
  2. Verify that the GL-AR300M16 is getting a Public IP by looking up the router’s WAN IP address on or
  3. You may need to do further configuration to access your internal/home network and there are recent threads on this forum regarding that.
  4. OpenVPN speed is limited by the router hardware at GL.iNet’s advertised maximum of 15Mbps

If you have a public IP for your home, you can set up Wireguard server, connect to it then: (1) You can use Internet from your home; (2) You can connect to your home local network.