AX5400 VPN Server issue
Hi, I have been successfully able to activate a VPN Client with Mullvad on my Archer AX73.
All my devices, now, use the vpn to connect to the outside of my home network (checked by Mullvad check page and public ipaddress and position).
Now I'm trying, without success, to activate a VPN Server on the same router. At the very end, while connected to the router, I'm not able to browse neither internet, neither any of my home network devices. This is the current situation:
- I enabled OpenVPN in the Advanced\VPN Server\OpenVPN section of the router admin panel
- Service Type: UDP
- Service Port: 1194
- VPN Subnet: 10.7.0.0
- Netmask: 255.255.255.0
- Client Access: Internet and Home Network
- I generated the certificate
- I exported the configuration file.
Inside the file the configuration is:
client dev tun proto udp remote MYDNSBINDEDDOMAIN.tplinkdns.com 1194 float nobind cipher AES-128-CBC comp-lzo adaptive resolv-retry infinite remote-cert-tls server persist-key persist-tun route 192.168.72.0 255.255.255.0 redirect-gateway def1 dhcp-option DNS 1.1.1.1 <ca> -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- </ca> <cert> -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- </cert> <key> -----BEGIN PRIVATE KEY----- ... -----END PRIVATE KEY----- </key>
- Obviously a created a dynamic DNS with TP-Link: MYDNSBINDEDDOMAIN.tplinkdns.com
- Created a static routing rule:
- Network Destination: 10.7.0.0
- Subnet Mask: 255.255.255.0
- Default Gateway: 192.168.72.1
- Interface: LAN
- Description: VPN
I downloaded the .ovpn file to my android phone, installed both OpenVPN connect and OpenVPN for Android. Imported the .ovpn file in both, and both tested.
- Both apps connect.
- In both cases, I can see an entry in Advanced\VPN Server\Connections (so the connection reaches the router).
- In both cases, I'm not able to browse internet or to reach (for example), 192.168.72.1 (my router), or 192.168.72.2 (my nas).
What am I missing? I tried, anyway, to disable the VPN Client while testing the VPN Server, but results are always the same: client connected, Connection listed, no browsing.
Thanks in advance!
I started from scratch, and this is the final version of my ovpn file (highlight my edits):
client
dev tun
proto udp
float
nobind
cipher AES-128-CBC
comp-lzo adaptive
resolv-retry infinite
remote-cert-tls server
persist-key
persist-tun
remote MYBOUNDPERSONALDNS.tplinkdns.com 1194
redirect-gateway def1
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
But still needed this rule I found in a youtube video:
And now I can connect to the VPN server and access devices inside my lan. Was it really necessary?