OpenVPN Server behind ISP Router - can't connect

michael4 · February 4, 2022, 1:45pm

Hi,

I’ve got the following set-up:

ISP router with a public IP
GL.iNet GL-AR300M16 (GL-AR300M Series / Shadow) router with an OpenVPN server setup and running

The ISP router is set-up as a bridge. With a router mode, the IP is private, and when connected to it directly or through the Shadow router (without OpenVPN), I can see it’s private:

However with a bridge mode it changes to public:

The Shadow router is connected as a repeater:
https://i.imgur___DOT___com/64wTfFT.png

When I configure and export OpenVPN file I get:
https://i.imgur___DOT___com/2TIc0Cb.png

The IP in line 4 is what I see when googling my IP address.

I can start the server but I can’t connect it. I’ve tried different ways:

from Android phone and Windows laptop
from the same WiFi (connecting to the Shadow router) and through another internet provider

In all cases I can’t connect.

Do you have suggestions what I’m doing wrong?

Thanks a lot!

wcs2228 · February 4, 2022, 10:11pm

What do you mean by “googling my IP address”? When I export an OpenVPN .opvn config, it contains the remote IP address of my real public IP and matches what is shown by whatismyip.com and whatismyipaddress.com.

You can look up the 89.x.x.x IP address on those 2 websites to see who owns it and where it is. Was your router connected as a client to an external VPN when you exported the config?

You can try editing the config file and changing the remote address to your 100.x.x.x Public IP address.

alzhao · February 6, 2022, 3:39am

100.x is not the public IP which is 89.x. So you didn’t get a public IP from your ISP.

Pls confirm that.

wcs2228 · February 6, 2022, 4:24am

I forgot that 100.x.x.x is an IP address within the ISP’s internal network.

michael4 · February 8, 2022, 12:35pm

Thanks @alzhao & @wcs2228.

Yes, unfortunately that’s correct - I’m speaking with the ISP to get a public IP.

Assuming that’s done, would the Shadow router allow me to set up VPN server that I’d be able to connect to from outside my home and would allow me to access my home internet? Or, when connecting from outside, I’d only access the internal/home network?

wcs2228 · February 8, 2022, 4:55pm

It “should” work if the configuration is correct and there are no major bugs in the firmware.

Notes:

Upgrade to the latest stable firmware at GL.iNet download center.
Verify that the GL-AR300M16 is getting a Public IP by looking up the router’s WAN IP address on whatismyip.com or whatismyipaddress.com.
You may need to do further configuration to access your internal/home network and there are recent threads on this forum regarding that.
OpenVPN speed is limited by the router hardware at GL.iNet’s advertised maximum of 15Mbps

alzhao · February 9, 2022, 7:21am

If you have a public IP for your home, you can set up Wireguard server, connect to it then: (1) You can use Internet from your home; (2) You can connect to your home local network.