Remote management over vpn +(openvpn)

Remote management over vpn +(openvpn)

Remote management over vpn +(openvpn)
Remote management over vpn +(openvpn)
2022-08-23 09:16:16
Model: Archer MR600  
Hardware Version: V2
Firmware Version: 1.6.0 0.9.1 v0001.0 Build 220105 Rel.58321n

Hi everyone,

I have correctly configured Vpn (openvpn) and Dynamic DNS (dyndns org). I am able to reach all the devices in the through vpn tunnel but not the modem configuration page. I always get the "403 Forbidden" error in 192 168 1 1 :80 and https 192 168 1 1 :443. (Also with changed Port Number, with Nat boost or not).

The only way to access the remote management is by activating the option in "Administration", but this means exposing the modem on the internet (I don't want to do that). Am I doing something wrong or is it a firmware defect?

 

Thanks everyone in advance

  5      
  5      
#1
Options
9 Reply
Re:Remote management over vpn +(openvpn)
2022-09-29 14:17:46

Hi  @carmlav ,

Do you have any news on this subject?

I'm with the same problem, OpenVPN works fine except for accessing the router web management interface.

 

Regards

mcalmeida

  0  
  0  
#2
Options
Re:Remote management over vpn +(openvpn)
2022-09-30 15:29:46

  @carmlav 

Hi,

did you try to open a VNC or RDP session from your device connected by VPN to one of your PCs and from there, open a browser pointing to the router admin page?

I would try also to compare the http headers of the (working) call from a PC inside the network and the (unauthorized) call from the device you are trying to access from VPN.

You should able to sniff the traffic on your local network with wireshark and see your incoming and outgoing requests/response from both device and PC.

 

If you can ping the router from your device and reach the its port 80, I think the issue should be related to something in the headers or the payload that differs, maybe a source domain or something like that.

 

My two cents.

 

Daniele

  0  
  0  
#3
Options
Re:Remote management over vpn +(openvpn)
2022-09-30 22:25:13 - last edited 2022-09-30 22:30:29

  @mcalmeida 

Hi,

 

Tp-link customer care confirmed that's not possibile to reach the modem from the openvpn connection. It's unbelievable, but this Is.

You can try to open the modem administration from internet only to the first assigned vpn subnet address (ex. 10.x.x.6 in my case). 

This works fine for me, but it's not a good solution. 

Tp-link has to resolve this . 

  0  
  0  
#4
Options
Re:Remote management over vpn +(openvpn)
2022-09-30 22:42:59

  @jdaniele 

Hi, My solution has been a Raspberry pi4 in the same modem subnet. From there you can reach the modem.

 

Tp-link has to modify the firewall rules allowing the con to go where it wants and nat it. it would be easy for them to do (and while we're at it, add the source ip field in the firewall rules configuration tables)

 

Bye

  1  
  1  
#6
Options
Re:Remote management over vpn +(openvpn)
2022-10-03 07:49:00

Hi,

Thank you all for your support and suggestions.

 

I think I've found a solution in another sub-forum.

 

 

1. Setup the router with your preferred configuration.

2. Setup OpenVPN and confirm it is working as you pretend.

3. Activate the 2nd IP Address for the local network on the same lan as the OpenVPN lan address.

 

This solution is working for me for 3 days without any questions.

 

regards

mcalmeida

  0  
  0  
#7
Options
Re:Remote management over vpn +(openvpn)
2022-10-03 16:37:25

  @mcalmeida 

 

Hi,

looks great!
I'll try.
Many thanks to you too

  1  
  1  
#8
Options
Re:Remote management over vpn +(openvpn)
2022-10-04 15:11:58

  @carmlav 

Hi,

 

let me know if it works for you.

 

Regards

 

mcalmeida

  0  
  0  
#9
Options
Re:Remote management over vpn +(openvpn)
2022-10-09 05:09:30

  @mcalmeida 

hi,

unfortunately it didn't work. If you try to enter the second IP of the same openvpn subnet, an error message warns that it is not possible and, at the same time, disables the vpn. How did you make it work?

  0  
  0  
#10
Options
Re:Remote management over vpn +(openvpn)
2022-10-10 07:44:53

Hi  @carmlav ,

 

I've followed the directions on this post: 

    https://community.tp-link.com/en/home/forum/topic/579716

 

Please pay attention to message #3, about the correct sequence of operations.

 

 

 

  0  
  0  
#11
Options