issue when enabling OpenVPN on an Archer A6 located behind a Huawei ONT
issue when enabling OpenVPN on an Archer A6 located behind a Huawei ONT
Hello team !
I'm trying to access remotely (from Internet) my Archer A6 Router, using the build-in OpenVPN server feature.
On Router I have enabled OpenVPN server, generated the certificate and exported the configuration file.
Then on client (a remote computer) I have imported this configuration file into OpenVPN client, and tried to connect to Router. But it's failing. The point is - my Router is sitting behind an Huawei optical terminal. So the configuration is the following:
optical cable from ISP -> Huawei HG8120H ONT -> Archer A6 Router -> home devices.
And in Router interface, I can see that "Internet" address of Router is 192.168.100.4, which is a private IP - Router is behind Huawei ONT which seems to act as a NAT.
So in such configuration, how to access Router remotely? (over internet)
many thanks in advance for your advices!
P.S.: screenshot from Router
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Ok.
Then look up the Huawei ONT's Internet (WAN) IP address and check whether that one is also a private IP address or if it's a public IP address.
The Huawei should also have some kind of Status webpage in the way of what you previously showed for your Archer router.
- Copy Link
- Report Inappropriate Content
If that's the case, then you should be able to make your VPN work by setting up port forwarding on the Huawei ONT.
Look for a menu named something like "forwarding rules" and then add a new rule with the following parameters: external port: 1194, internal port: 1194, protocol: UDP, target IP address: 192.168.100.4
P.S. When you setup the OpenVPN client make sure the IP address the client tries to connect to is the correct public IP address.
- Copy Link
- Report Inappropriate Content
Hi,
It may still be possible to make this work, but the first thing we need to know is, are you able to log into the Huawei ONT's configuration interface? (i.e. open a web browser and go to http://192.168.100.1 )
- Copy Link
- Report Inappropriate Content
Thanks for your prompt answer !
Yes, I'm able to log into the Huawei's ONT configuration interface.
- Copy Link
- Report Inappropriate Content
Ok.
Then look up the Huawei ONT's Internet (WAN) IP address and check whether that one is also a private IP address or if it's a public IP address.
The Huawei should also have some kind of Status webpage in the way of what you previously showed for your Archer router.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
If that's the case, then you should be able to make your VPN work by setting up port forwarding on the Huawei ONT.
Look for a menu named something like "forwarding rules" and then add a new rule with the following parameters: external port: 1194, internal port: 1194, protocol: UDP, target IP address: 192.168.100.4
P.S. When you setup the OpenVPN client make sure the IP address the client tries to connect to is the correct public IP address.
- Copy Link
- Report Inappropriate Content
I have such menu - Forward Rules -> Port Mapping Configuration.
I'm not sure here - in "Internal Host" field I have to set 192.168.100.4 ? There is even a scrolling menu and Archer A6 is in the list.
I cannot find fields with ports here, please find a screenshot :
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Ok. Then select the "Archer_A6" as Internal Host, select "UDP" as the Protocol, and enter "1194" in the fields "Internal port number" and "External port number" (try for yourself if the router expects you to fill in the left or the right field of each). The lower entry section you can "Delete", since we only need to forward one port. Then click "Apply" and see what happens. If you wish you can also type something like "OpenVPN" in the entry field for "Mapping Name" so that you can later easily identify what this rules is for.
- Copy Link
- Report Inappropriate Content
Many thanks for your help !
I configured the port forwarding on Huawei ONT, then on Router Archer A6 I generated a certificate again in OpenVPN server tab, then exported the config file.
Imported the config file into the OpenVPN client (on remote computer), and tried to connect again but it failed.
In OpenVPN client logs it seems that client tries to connect to private IP of router (192.168.100.4), and obviously it fails:
⏎[Dec 23, 2022, 23:47:39] Connecting to [192.168.100.4]:1194 (192.168.100.4) via UDPv4
⏎[Dec 23, 2022, 23:47:49] Server poll timeout, trying next remote entry...
⏎[Dec 23, 2022, 23:47:49] EVENT: RECONNECTING ⏎[Dec 23, 2022, 23:47:49] EVENT: RESOLVE ⏎[Dec 23, 2022, 23:47:49] Contacting 192.168.100.4:1194 via UDP
⏎[Dec 23, 2022, 23:47:49] EVENT: WAIT ⏎[Dec 23, 2022, 23:47:49] WinCommandAgent: transmitting bypass route to 192.168.100.4
{
"host" : "192.168.100.4",
"ipv6" : false
}
⏎[Dec 23, 2022, 23:47:49] Connecting to [192.168.100.4]:1194 (192.168.100.4) via UDPv4
⏎[Dec 23, 2022, 23:47:59] Server poll timeout, trying next remote entry...
⏎[Dec 23, 2022, 23:47:59] EVENT: RECONNECTING ⏎[Dec 23, 2022, 23:47:59] EVENT: RESOLVE ⏎[Dec 23, 2022, 23:47:59] Contacting 192.168.100.4:1194 via UDP
⏎[Dec 23, 2022, 23:47:59] EVENT: WAIT ⏎[Dec 23, 2022, 23:47:59] WinCommandAgent: transmitting bypass route to 192.168.100.4
{
"host" : "192.168.100.4",
"ipv6" : false
}
⏎[Dec 23, 2022, 23:47:59] Connecting to [192.168.100.4]:1194 (192.168.100.4) via UDPv4
⏎[Dec 23, 2022, 23:48:09] Server poll timeout, trying next remote entry...
⏎[Dec 23, 2022, 23:48:09] EVENT: RECONNECTING ⏎[Dec 23, 2022, 23:48:09] EVENT: RESOLVE ⏎[Dec 23, 2022, 23:48:09] Contacting 192.168.100.4:1194 via UDP
⏎[Dec 23, 2022, 23:48:09] EVENT: WAIT ⏎[Dec 23, 2022, 23:48:09] WinCommandAgent: transmitting bypass route to 192.168.100.4
{
"host" : "192.168.100.4",
"ipv6" : false
}
⏎[Dec 23, 2022, 23:48:09] Connecting to [192.168.100.4]:1194 (192.168.100.4) via UDPv4
⏎[Dec 23, 2022, 23:48:19] Server poll timeout, trying next remote entry...
⏎[Dec 23, 2022, 23:48:19] EVENT: RECONNECTING ⏎[Dec 23, 2022, 23:48:19] EVENT: RESOLVE ⏎[Dec 23, 2022, 23:48:19] Contacting 192.168.100.4:1194 via UDP
⏎[Dec 23, 2022, 23:48:19] EVENT: WAIT ⏎[Dec 23, 2022, 23:48:19] WinCommandAgent: transmitting bypass route to 192.168.100.4
{
"host" : "192.168.100.4",
"ipv6" : false
}
⏎[Dec 23, 2022, 23:48:19] Connecting to [192.168.100.4]:1194 (192.168.100.4) via UDPv4
⏎[Dec 23, 2022, 23:48:29] Server poll timeout, trying next remote entry...
⏎[Dec 23, 2022, 23:48:29] EVENT: RECONNECTING ⏎[Dec 23, 2022, 23:48:29] EVENT: RESOLVE ⏎[Dec 23, 2022, 23:48:29] Contacting 192.168.100.4:1194 via UDP
⏎[Dec 23, 2022, 23:48:29] EVENT: WAIT ⏎[Dec 23, 2022, 23:48:29] WinCommandAgent: transmitting bypass route to 192.168.100.4
{
"host" : "192.168.100.4",
"ipv6" : false
}
⏎[Dec 23, 2022, 23:48:29] Connecting to [192.168.100.4]:1194 (192.168.100.4) via UDPv4
⏎[Dec 23, 2022, 23:48:39] EVENT: CONNECTION_TIMEOUT BYTES_OUT : 840
PACKETS_OUT : 60
CONNECTION_TIMEOUT : 1
N_RECONNECT : 5
⏎[Dec 23, 2022, 23:48:39] EVENT: DISCONNECTED ⏎
Here the Port forwarding rules enabled on Huawei device:
- Copy Link
- Report Inappropriate Content
Obviously the Archer A6 put its own IP address inside the *.ovpn config file.
Therefore, before you import the *.ovpn file into your client you need to open it with a text editor and modify the line that looks something like "remote 192.168.100.4 1194" to reflect your actual public IP address.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1558
Replies: 13
Voters 0
No one has voted for it yet.