VPN Cascading on GL.iNet routers

Is the VPN client using OpenVPN or WireGuard? Is there a connection error displayed and/or in the System Log?

Is “clearnet IP address” a public one?

@wcs2228 both the VPN client and server are OpenVPN. The client works fine, but with the client connection online, I am unable to access the VPN server. There are no errors displayed and I don't see any in the system log.

@hansome The clearnet IP is public

Please try to change the OpenVPN server’s Local Port to a different one, although that’s a guess.
By the way, do you use multi-wan?

I have changed the OpenVPN server’s port to a different port as part of my troubleshooting.

Yes I do have multi-wan set up, though I don't really need it. I’ll try disabling that…

Should I be attempting to connect via my public IP? or through my VPN client IP address? (I’ve tried both)

Edit: Multi-wan being disabled does not fix the issue. I still cannot connect to the OpenVPN server with the OpenVPN Client enabled.

Could it be the same issue as you solved here?

The fix you provided was only for WireGuard VPN servers. Is there an alternate attempted fix when using OpenVPN as the server protocol?

Public IP.

root@GL-AX1800:/tmp# cat /tmp/ovpnserver/ovpnserver 

persist-key
persist-tun
auth SHA256
cipher AES-256-GCM
ncp-disable
dev ovpnserver
dev-type tun
group nogroup
keepalive 10 120
mode server
mute 5
port 1194
proto udp
push "persist-key"
push "persist-tun"
push "redirect-gateway def1"
route-gateway dhcp
topology subnet
duplicate-cn
user nobody
mark 524288
...

mark 524288 has the same function as the fwmark setting in wireguard_server.
So it should not be the issue. I’ll PM you for more info.
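OpenVPN's `mark` directive sets a firewall mark on the server's encrypted packets, and that mark only influences routing if an `ip rule` matches it. The following added example (not from the thread or from GL.iNet firmware) checks whether the mark in a server config is referenced by any policy-routing rule; the sample rule output, priorities and table number are constructed assumptions.

```shell
#!/bin/sh
# Added example. Sample data below is constructed, not taken from the poster's router.

# Excerpt of an OpenVPN server config using directives shown in the post above.
SAMPLE_CONF='port 1194
proto udp
dev ovpnserver
mark 524288'

# Constructed `ip rule show` output; priorities and table 2000 are assumptions.
SAMPLE_RULES='0: from all lookup local
6000: from all fwmark 0x80000/0x80000 lookup main
9000: not from all fwmark 0x80000/0x80000 lookup 2000
32766: from all lookup main'

# conf_value DIRECTIVE: first argument of DIRECTIVE in the config read from stdin.
conf_value() {
    awk -v key="$1" '$1 == key { print $2; exit }'
}

# mark_hex DECIMAL: the mark written the way `ip rule` prints it.
mark_hex() {
    printf '0x%x\n' "$1"
}

# rules_for_mark HEX: ip-rule lines on stdin whose fwmark value equals HEX.
rules_for_mark() {
    awk -v m="$1" '{
        for (i = 1; i < NF; i++)
            if ($i == "fwmark") { split($(i + 1), p, "/"); if ((p[1] "") == (m "")) print }
    }'
}

# check_mark CONF RULES: 0 = mark is used by a rule, 1 = unused, 2 = no mark set.
check_mark() {
    mark=$(printf '%s\n' "$1" | conf_value mark)
    [ -n "$mark" ] || { echo "no mark directive in config"; return 2; }
    hex=$(mark_hex "$mark")
    hits=$(printf '%s\n' "$2" | rules_for_mark "$hex")
    [ -n "$hits" ] || { echo "mark $mark ($hex): no ip rule references it"; return 1; }
    echo "mark $mark ($hex) is matched by:"
    printf '%s\n' "$hits"
}

# On a router: check_mark "$(cat /tmp/ovpnserver/ovpnserver)" "$(ip rule show)"
check_mark "$SAMPLE_CONF" "$SAMPLE_RULES"
```

A return code of 1 means the packets are marked but no rule acts on the mark, so the server's replies follow whatever the default routing decision is.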

Issue was solved for me by switching to a new port. Thanks for the support hansome.


Hi all,
I run the Surfshark VPN Client (WireGuard protocol) and the WireGuard Server on my Brume2 (v4.1.1 2022-11-05 1:16:04)
Everything works fine until I enable the VPN Cascading. After that my remote WireGuard Clients can still connect to the router (port 80 is open), but have no internet! Any advice where the issue can be?
Thanks!

There was a bug with VPN cascading with port forwarding.
Please upgrade to the beta version.

Hi hansome, I’ve upgraded the firmware to 4.2.0 and now the ‘VPN cascading’ works fine, thanks for your help!


Hi,

Hardware: GL-MT2500A (Brume 2)

I travel to China and VPN is blocked there (NordVPN, ExpressVPN). Probably the IPs of the servers are blocked, because sometimes it works, but after a couple of hours it stops working.

Also the VPN from the company I work for is blocked so I don’t have access to the office network (shared folders, e.g.)

Can VPN Cascading be an alternative for this?

Example:

  • When I’m in China, I’ll connect to my HOME VPN (Brume2 VPN server) in Italy;
  • Then, I would like to use the Brume2 VPN Client to connect to the office VPN.

In this way can I have access to my office network and have access to my shared folders?

Thanks!

VPN cascading does not solve your case.
If you can connect to your home in Italy, you can set up double VPN to connect to your office.
The issue is, connection to your home can also be blocked.

Sometimes you can connect. After several hours you are blocked. You may wait for a while and you may be able to connect again.

There are solutions for your case but you have to consult other communities.

Hi, thanks!
Regarding the double VPN, you mean I’ll need to set up a virtual machine?

E.g.:
Laptop in China connected to my home VPN in Italy;
Then, on the same laptop, I open the VPN Client on the virtual machine to connect to my office

Thanks

A typical double VPN works like this:

  1. On the router, you have a VPN connecting to your Italy home
  2. On your PC, which is connected to the router, you have a VPN connecting to your office.

Thanks for the quick answer.
Therefore I’ll need 2 devices?

  • In Italy: GL-MT2500A working as VPN Server;
  • In China: GL-MT3000 working as VPN Client (connecting it to my GL-MT2500A) + My laptop connected to GL-MT3000 and then I connect my laptop to the office using my VPN Client Software (installed on my laptop)

Probably I can replace the GL-MT3000 with my smartphone Samsung Galaxy S10 using the WireGuard app and working as a hotspot?

Thanks!

Can you explain in more detail why VPN cascading will not work using a single router?

I do not work for and I am not directly associated with GL.iNet

Android smartphones do not share a VPN connection through a hotspot, unless you root the smartphone.

Smartphone apps of some VPN service providers work better in Internet censorship regions. So you can tether your phone (with VPN) to the router (MT3000) and connect all of your other devices to the router.

Really? I don’t know this.