Archer VR2800 OpenVPN Issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Archer VR2800 OpenVPN Issue

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Archer VR2800 OpenVPN Issue
Archer VR2800 OpenVPN Issue
2017-07-30 11:03:58
Model :

Hardware Version :

Firmware Version :

ISP :

Hi Guys,

I've just picked up a VR2800 and have been playing with the OpenVPN feature.
I completed the configuration and exported the file to my Mac.

The VPN connects and I can ping the default address of the VR2800 [192.168.1.1].
However I cannot reach anything else on the inside of my network.

I'm using the default address scheme for the LAN side of the router and the default for the VPN being...

192.168.1.0/24 LAN and 10.8.0.0/24 VPN

As there is very little means to debug what is going on here could anyone have a guess at what is happening here.

On the MAC I have used both TunnelBlick and Viscosity OpenVPN clients.
  0      
  0      
#1
Options
2 Reply
Re:Archer VR2800 OpenVPN Issue
2018-06-26 06:56:36
You've misunderstood the purpose of the VPN functionality of this router.

The router does NOT act as a VPN client for internet access. It acts as a VPN Server, when you want to reach your local network from a remote location, via the internet. The router has NO outbound VPN client functionality, period.

If you wish to use that, you'll need the OpenVPN desktop client installed on each of the systems you wish to use that OpenVPN connection/service with. The router cannot be used as an intermediary client access device. Considering most OpenVPN servers, limit the number of contiguous connections, this is probably the reason why this functionality has been omitted, as having multiple clients on the local network, all routed through a single VPN client on the router would mean a lot of traffic going through one connection and thus hammering the remote VPN server. I doubt your VPN service provider would be too happy with that scenario.
  0  
  0  
#2
Options
Re:Archer VR2800 OpenVPN Issue
2018-06-26 07:20:20
The other scenario would be (as I see it based on your post) that your attempting to start the VPN on your mac, while still connected to the local network. This is bad.

The VPN functionality on this router, exists (as previously stated) to connect to your network from a REMOTE location, i.e: over the internet. It is not intended for use by devices on your local network, to access other devices already on your local network. This will cause a conflict, as multiple devices on your network will appear to have multiple IP addresses. This is never good. I have no experience with MacOS, but I do know Windows keeps a cache of NETWORK ID's with regards devices and their associated IP addresses. One system on the network will be the "Master Browser" and feed location (IP) and resolution (DEVICE NAME) data to all the other systems on the network, by way of a vote. So if you have the VPN server on the router enabled, and you connect to it via your Mac, running a VPN client on the Mac, while residing on the local network anyway, the Mac will see EVERY device on your local network as having multiple IPs. One in the 192.168.*.* range and one in the 10.*.*.* range, and it will either not know which one to connect to, or it will take the most recent entry. I doubt very much the VPN will allow loopback connections over the VPN (i.e: from inside your home network) so this will be why you can't connect to anything.

For clarification, the VPN service on the router, is a SERVER, not a CLIENT. It's to be used for access to your home network from REMOTE LOCATIONS only. It Works like the old ReadyNAS Remote service used on NetGear NASes. It's not intended for use on a local network. Not to mention the fact, because your router has a NAT firewall built in, there's no need for VPNs while browsing devices on your local network, while your device already exists on that local network, to begin with.
  0  
  0  
#3
Options