This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.Omada Router as VPN client
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Hi! 
In Site Settings -> VPN -> VPN:
I'm trying to figure out how to connect this router to an external VPN server of mine.
(This Omada router is connected only through an LTE network, external modem using passthrough to the WAN ethernet port. On this network IPv6 is flaky, and the IPv4 is CGNAT, so I'm looking to setup a connection to be able to get in from the outside.)
According to the docs, Site-to-Site is for connecting Omada Sites.
In this case, then, I would have to setup Client-to-Site.
So I did setup a Client-to-Site VPN, defining my router as a VPN client - OpenVPN using Certificate.
I specified the IPv4 and port number of the Remote Server and chose WAN as the WAN, and I imported the ovpn config file.
When I hit Apply, it was enabled, and it looks like it's working.
... Except ... Where can I see/utilize this VPN tunnel?
I can't find it anywhere, it's not an available interface in ACL's or anywhere that I can seem to find.
So I don't actually know if it's working/what it's doing (if anything).
There's nothing showing in Insights -> VPN Status -> OpenVPN/PPTP/L2TP -> Client ... So I guess not much is happening.
But how is it supposed to be used/seen?
(My preferred VPN setup would be Wireguard, but in Omada it's only WG server, not client, it seems.)
Not sure I follow you. I tried setting the ER605 up as OpenVPN client. It doesn't seem to show up anywhere.
I tried pinging ER605 IP's from the other side to see if there was any connection, but no response.
But I feel blind, there's no info, I dunno how to debug ...
(Or how the client is supposed to act/work? Why should I be able to add a client like this, if I can't use that VPN client interface in ACL rules etc.?)
The VPN server is a Linux VPS. I can connect to it using OpenVPN connect for Mac and for Android, only import the file, and then it works.
Then loading the config in the Omada controller, I have some manual setting in addition to the file.
I'm not entirely sure if Local Network Type should be Local Networks, and if so the significance (should I select All, or what does it try to do?
I've tried setting a Custom IP, defining 10.8.0.5/24 (which is what the ovpn client gets when I connect from the other clients, the server has 10.8.0.1/24). I also tried leaving it at Network, and then selecting different networks/VLANs. I even tried creating the 10.8.0.0/24 network in the controller, and selecting that here.
Still doesn't work.
I shows as enabled no matter what I do:
But VPN status is empty:
In the Omada controller/system, I don't see where I can debug/read what it tries.
On the VPN server side, it doesn't look like it's trying/reaching the server at all. (No log entry, like it is if I connect using the Mac or Android phone.)
Edit: The only thing I find in the log on the controller (searching for VPN) is stuff like this (showing my config changes)/attempts:
The LAN(OVPN-client) IP address/mask of MyVPN were changed to 10.8.0.5/255.255.255.0.
Does that mean that the VPN client only tries connecting using the LAN, not the WAN-side?
