I really love my new Beryl MT-3000 AX! It’s super fast and easy to configure. I am primarily using it as travel router to repeat the hotel WiFi and make a secure connection to my home network through WireGuard or OpenVPN (if UDP is blocked, as fallback option).
To achieve this, I connected the Beryl as Repeater to the hotel WiFI and set up a WireGuard and OpenVPN client. This is all working very well except one issue:
So if my endpoint for the VPN is 1.2.3.4 and I’m connected through it, I have the correct ip address and can access all local devices and all other webpages and stuff, except my own webserver/mailserver that is also using 1.2.3.4. The workaround in the thread to just delete the wrong route (“ip route del 1.2.3.4”) is working well, but for WireGuard only. When removing the route, I can access my webserver/mailserver again through the WireGuard tunnel, so everything’s good.
But somehow this doesn’t fix the problem for OpenVPN. Even after deleting the route, I still can’t access my services. I also think that this thread could be related, but it also doesn’t provide a fix/solution: OpenVPN: Route to server IP broken
So can anyone help me out on this issue here? I really need a reliable fallback VPN option if UDP is blocked completely, to access my services securely.
Please draw a network topology diagram to describe your network issue? That will be easy to anderstand this problem. why they have the same IP, can not be changed to different?
I hope it is understandable. So I can’t access my webserver through its public ip, that is the same as the public ip of the openvpn server when connected through the vpn tunnel. The ips are the same as they are both running in the same network (my home network). Of course I could access my web server through the vpn tunnel with ist local ip (192.xxx), but I want to access it through the domain that is pointing to the public/WAN ip of course. And this should also be possible, as it is possible with all my other VPN Clients (iPhone, Mac, etc.).
It is also possible with the Beryl when using wireguard and deleting the route “ip route del 1.2.3.4” as it was advised by your colleague in the linked thread, but this doesn’t solve the problem for openvpn that I am using as a fallback option to Wireguard.
Please turn off the OpenVPN client and use this command:
sed -i 's/ifconfig-ipv6/ifconfig-ipv6 --mark 524288/g' /lib/netifd/proto/ovpnclient.sh
sed -i '/proto_add_host_dependency/d' /etc/openvpn/scripts/ovpnclient-up
then turn on the OpenVPN client.
That will remove the route to 1.2.3.4 and mark OpenVPN traffic.
Edit:
Still does not work for OpenVPN, I am going to do more debugging.
@Battista.xie I don’t want to allow wan access. I enabled block non-vpn traffic as I want to make sure that everything goes through the tunnel in insecure hotel networks.
