TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3
TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3
2024-03-19 14:12:21 - last edited 2024-03-22 01:09:53
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.2.4 Build 20240119 Rel.44368

ER 605 as openvpn client connects to Openvpn Access server on standalone mode.

 

As long as the connection establishes and all clients on local netowork can access resources on VPN Server Side , split tunneling doesnt work so i can passthrough internet traffic to primary internet wan port of the router. 

 

Clients can resolve internet sites as google.com but no route as Er605 routes all traffic on the vpn server GW IP

Router ip 10.10.16.1

 Routing table is somehow broken and i cant split traffic either from static routes or policy routing.

 

Router routes all traffic to VPN Server. Please assist what it needs to do, from the TL Er605 side, to route the internet to the primary wan port that has internet. 

 

 

 

 

 

 

 

 

VPN routes are published on VPN Server clients behind 10.10.16.0/24, can  access with routing or nat all resources on VPN server Site (HQ) but no internet traffic allowed as traceroute always passes traffic through vpn server.

 

  0      
  0      
#1
Options
2 Accepted Solutions
Re:TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3-Solution
2024-03-19 19:51:50 - last edited 2024-03-20 02:34:39

  @JohnGian 

 

there is nothing you can do with routing on the ER605, you have to do the routing on the openvpn server,

I only have experience with openvpn from pivpn but it might be something of the same, I think

 

go to /etc/openvpn/ccd


edit the client file and add this

 

route-nopull
push "route 172.20.10.0 255.255.255.0"

 

edit the ip so that it fits your network.

 

 

You can also try edit your ovpn client file before you import the file to router 

I have not tested this on omada router only on client so am not sure how this wil work on routers.

 

if you have redirect-gateway def1 remove this and add folowing in ovpn client file.

 

route-nopull
route 172.20.10.0 255.255.255.0

 

edit ip to match your remote net,

 

 

 

Recommended Solution
  1  
  1  
#2
Options
Re:TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3-Solution
2024-03-20 09:13:37 - last edited 2024-03-20 09:13:42

  @JohnGian 

 

 

I knew the process of adding route pull and route directives to client ovpn file, but ive tried to solve it from the tp link side.

 

It works now thank you guys for the assist .

 

Regards

 

Recommended Solution
  1  
  1  
#4
Options
3 Reply
Re:TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3-Solution
2024-03-19 19:51:50 - last edited 2024-03-20 02:34:39

  @JohnGian 

 

there is nothing you can do with routing on the ER605, you have to do the routing on the openvpn server,

I only have experience with openvpn from pivpn but it might be something of the same, I think

 

go to /etc/openvpn/ccd


edit the client file and add this

 

route-nopull
push "route 172.20.10.0 255.255.255.0"

 

edit the ip so that it fits your network.

 

 

You can also try edit your ovpn client file before you import the file to router 

I have not tested this on omada router only on client so am not sure how this wil work on routers.

 

if you have redirect-gateway def1 remove this and add folowing in ovpn client file.

 

route-nopull
route 172.20.10.0 255.255.255.0

 

edit ip to match your remote net,

 

 

 

Recommended Solution
  1  
  1  
#2
Options
Re:TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3
2024-03-20 02:34:12 - last edited 2024-03-20 02:34:47

Hi @JohnGian 

Thanks for posting in our business forum.

MR.S is correct. It's a problem with your server. Configure your server to separate the traffic. It should work as expected afterwards.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#3
Options
Re:TL-ER605 as OpenVpn client on Openvpn Access Server 2.11.3-Solution
2024-03-20 09:13:37 - last edited 2024-03-20 09:13:42

  @JohnGian 

 

 

I knew the process of adding route pull and route directives to client ovpn file, but ive tried to solve it from the tp link side.

 

It works now thank you guys for the assist .

 

Regards

 

Recommended Solution
  1  
  1  
#4
Options