I have a home network that I am trying to establish. But can anyone tell me what is wrong with this VPN setup, and if there is a better network setup? This is my first time creating a network and I am encountering a lot of issues.
My main goal is to have two separate VPN connections (one for work and one for personal). I have three different routers. Originally, I had all the same subnets, and this worked fine for 1 month, but recently my entire VPN connection started to drop.
I then realized my setup was creating an IP conflict. I then did a factory reset on router 1, hoping to remove any IP cache. I also updated my router 1 settings to have a unique subnet for router 2 and router 3, and I also configured router 1 to provide a static IP address to router 2 and router 3. And in router 1, I added a DMZ for router 2, and I opened port forwarding for router 3.
BUT, the problem is, the VPN will work for router 2 and router 3 for a few hours, but then it will stop working. In order to get the VPN on router 2 and router 3 to work again, I need to create a new MAC address on both router 2 and router 3. I can't seem to figure out why I need to change the MAC address to get the VPN to work again.
I feel I am getting closer to the root problem for my home network, but I am still not there. Any ideas on why this is happening and how to fix it, or are there better network setups that you would recommend for running two separate VPNs (work and personal)?
Home Network Setup
ISP > Router 1 connects via WAN > Router 2 and Router 3 connect via WAN > Laptop connects via LAN and Mobile Phone connects via WiFi.
Each router had a unique subnet
Router 1 192.168.1.1 (dmz all tcp/udp ports open for router 2; port forwarding for router 3)
Router 2 192.168.10.1 (Wireguard server setup on AWS)
Router 3 192.168.12.1 (Wireguard server setup on DigitalOcean)
May I know whether R2 and R3 run the VPN client but not the server?
R2 and R3 are in different subnets, so they have no relationship or interference with each other.
If they only run the client, there is no need to open port forwarding/DMZ in R1, R2 and R3.
It probably requires checking the R1 ISP and the R2/R3 WAN, to see if their Internet access is normal,
and trying to run the VPN client on the PC and the router without VPN, to check if the VPN provider network is available.
R2 uses WireGuard Client and R3 also uses WireGuard Client;
And I run the WireGuard server on AWS Server and Digital Ocean Server and they both work fine with ping and handshakes.
Yesterday I went to a local cafe with R2 and R3 and I had a very good VPN connection, with no problems. But when I am at home, there is no VPN access. For example, if I turn on the WireGuard Client for R1, there is a successful handshake, and it shows green on the router, and the server also shows the handshake, but the internet completely doesn't work. But when I turn off the WireGuard Client, there is an internet connection. The same process also happens to R3. However, the moment I update the MAC address, I immediately have a VPN connection and everything is good.
My next question is: is this a normal setup to connect R2 and R3 to R1 via WAN, given they all have different subnets? I ask because originally, they didn't have different subnets for about 1 month; but recently, the VPN network started to become very erratic (e.g. shutting off completely at home).
Since my WireGuard client for both R2 and R3 works in other locations, do you think the issue is with my ISP, and if yes, what would it be (maybe my ISP needs to reset or refresh something)?
--
And thanks for the information about not needing port forwarding or DMZ in R1 when running wireguard client in R2 and R3. Obviously I was trying everything to try to understand and fix this.
The problem seems to be with my DHCP configuration. To fix my problems I created a static IP on router 2, and then added router 2's static IP on router 1's client list. This seems to have fixed this issue related to the DHCP. It must have been an IP leasing issue.
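
Added example, not part of the thread: a small Python check for the two addressing problems discussed above (the same subnet on cascaded routers, and a static WAN address on an inner router that the upstream router's DHCP server does not know about). The function name `check_plan`, the /24 masks, the inner routers' WAN addresses and the DHCP pool range are assumptions; only the three gateway addresses come from the thread.

```python
import ipaddress as ip

def check_plan(upstream_lan, dhcp_pool, downstream):
    """Return a list of findings for routers cascaded behind one upstream router.

    upstream_lan: CIDR of the upstream (R1) LAN
    dhcp_pool:    (first, last) address of R1's dynamic DHCP pool
    downstream:   {name: {"wan_ip", "lan", "reserved"}} for each inner router
    """
    findings = []
    up = ip.ip_network(upstream_lan)
    lo, hi = ip.ip_address(dhcp_pool[0]), ip.ip_address(dhcp_pool[1])
    wan_owner = {}
    lans = {"R1": up}
    for name, r in downstream.items():
        wan, lan = ip.ip_address(r["wan_ip"]), ip.ip_network(r["lan"])
        if wan not in up:
            findings.append(f"{name}: WAN {wan} is not on the upstream LAN {up}")
        if wan in wan_owner:
            findings.append(f"{name}: WAN {wan} already used by {wan_owner[wan]}")
        wan_owner[wan] = name
        # A static address inside the pool can be leased to another client
        # unless the upstream router holds a reservation for it.
        if lo <= wan <= hi and not r["reserved"]:
            findings.append(f"{name}: WAN {wan} is in the DHCP pool, unreserved")
        # Same subnet on both sides of a router makes its routing ambiguous.
        for other, net in lans.items():
            if lan.overlaps(net):
                findings.append(f"{name}: LAN {lan} overlaps {other} LAN {net}")
        lans[name] = lan
    return findings

# Constructed sample data: /24 masks, WAN addresses and pool range are assumed.
POOL = ("192.168.1.100", "192.168.1.200")
ORIGINAL = {  # every router on the same subnet, no reservations
    "R2": {"wan_ip": "192.168.1.150", "lan": "192.168.1.0/24", "reserved": False},
    "R3": {"wan_ip": "192.168.1.151", "lan": "192.168.1.0/24", "reserved": False},
}
FIXED = {  # unique subnets, static WAN IPs listed on R1
    "R2": {"wan_ip": "192.168.1.150", "lan": "192.168.10.0/24", "reserved": True},
    "R3": {"wan_ip": "192.168.1.151", "lan": "192.168.12.0/24", "reserved": True},
}

if __name__ == "__main__":
    for label, plan in (("original", ORIGINAL), ("fixed", FIXED)):
        print(label, check_plan("192.168.1.0/24", POOL, plan) or "no findings")
```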