Asus ac86 -open vpn, internet but no network.

[Dudester]

I set up open vpn or at least i think I did,I also set up ddns. I can get into the router remotely,make changes and browse the net, but cannot get it to find my equipment on my network. Blue iris times out on my iphone. When connected within local network on my iphone the Blue Iris app comes right up. I set it up by Randys link although I think a few things in the newer firmware may have been differant. I tried a few other tweaks i found by google but have had no luck. I have another app on my phone that will pull my desktop up when on the local net besides BI and it will not work remotely either so i dont believe its the blue isis setup and my issue is in my router somewhere. I’ve been at this for 3 days. Unless I am wrong i assumed open vpn would work like i was sitting within my local network. Any suggestions? I am about ready to ditch the vpn and let blue isis foward the ports which i really dont want to do.

 

[fenderman]

Ensure that you enter the Lan IP address for both the wan and lan boxes in the blue iris app

 

[vwsplitty]

I have the same set up, what do you have selected for your “client will use vpn to access” as per my picture?

I have mine for LAN only, if you have it selected for internet it will not see anything on your lan and if sleceted both you need to make sure the IP ranges the router selects as default are ok with yours.

 

[Dudester]

I have the same set up, what do you have selected for your “client will use vpn to access” as per my picture?

I have mine for LAN only, if you have it selected for internet it will not see anything on your lan and if sleceted both you need to make sure the IP ranges the router selects as default are ok with yours.

Mine is differant. It has lan only, and internet and lan, I have internet and lan selected. Thought i tried to select lan only already, but ill try it again and see what it does.

 

[Dudester]

Mine is differant. It has lan only, and internet and lan, I have internet and lan selected. Thought i tried to select lan only already, but ill try it again and see what it does.

No luck,times out and reads check server address. I used both my host ddns name and my actual wan address.

 

[SouthernYankee]

Try accessing the VPN from an externial wifi. Or access it via a remote PC. You can use your phone but turn off the lte.

 

[vwsplitty]

I presume when you are on on Lan and not on vpn yon can connect to web pages of devices you have ok like one of the cameras ? Or the BI app works ok?

Also I take it you are using stock ASUS firmware?

I’m using the latest merlin and openvpn gets updated a lot. I had a lot of issues when I first had this router with openvpn but most of those issues have now gone using latest merlin. Not saying that is your problem but might be worth giving it ago

 

[vwsplitty]

As Yankee said you aren’t trying to connect the vpn while actually connected to your Wi-fi/LAN you need to be on mobile phone data only (turn off phone Wi-fi )

 

[Dudester]

Im on the cellular only. I can cconnect blue isis no issues when i connect back to my localwifi.

 

[vwsplitty]

When you connect vpn while on phone data can you see or connect to other things on your LAN?

Have you used default vpn settings?

You need to make sure the ip range the vpn server uses does not conflict with ip range of your LAN

And as said before I would give the latest
Merlin build a go saved me a good few headaches

 

[Dudester]

Well i logged into a hotspot wifi and it connected right up. LTE not work with openvpn?

 

[looney2ns]

Well i logged into a hotspot wifi and it connected right up. LTE not work with openvpn?

Try changing your VPN port to 443 in OpenVpn setup.

 

[Dudester]

Try changing your VPN port to 443 in OpenVpn setup.

It didn't work either. i tried another phone just using just lte and no luck.i toggled so much on and off I'm going to probably have to reset the router to stock and start over.

 

[looney2ns]

You exported the openvpn config file from router and imported it into open vpn connect app on your phone right?
Then entered your passkey and user name you setup in the router in the open vpn app on the phone?

 

[Dudester]

You exported the openvpn config file from router and imported it into open vpn connect app on your phone right?
Then entered your passkey and user name you setup in the router in the open vpn app on the phone?

Yes, did it several times actually. i can log into my router fine and actually make changes to it but cannot log into Blue Iris or look up a ip on my network.only ip I can look up is my router and it goes right to it. When i log onto a wifi hotspot blue Iris client app connects right up same as if i were on my local network, go back to lte and it cannot connect. Tried it on two different phones, both att but different billing accounts. Went into open vpn client settings and it says both under cellular and wifi, Its something with the vpn because I have two other places that the ports are forwarded and it works fine on cellular on those.

 

[Mike A.]

Yes, did it several times actually. i can log into my router fine and actually make changes to it but cannot log into Blue Iris or look up a ip on my network.only ip I can look up is my router and it goes right to it. When i log onto a wifi hotspot blue Iris client app connects right up same as if i were on my local network, go back to lte and it cannot connect. Tried it on two different phones, both att but different billing accounts. Went into open vpn client settings and it says both under cellular and wifi, Its something with the vpn because I have two other places that the ports are forwarded and it works fine on cellular on those.

So the VPN connects via cell, you just can't get to anything other than the router itself? If so, then sounds like you may not be getting a local network address assigned to your phone. Or the internal routing between the 10.8.0.x and 192.168.1.x network isn't being established. You can get to the router because you're connecting on the outside interface of your router/network directly. Without a local address you can't get inside. I've had no sleep so my brain isn't working well enough to think through what might be causing the difference between cell and WiFi right now but that would be my first guess.

Try opening the OpenVPN log on your phone and see if there are errors. There should be a section for each connection that starts with the date and time and then says "OPTIONS." You should see a [route] section below that which should be your local network and mask (e.g., 192.168.1.0 and 255.255.255.0). Then below that there will be another [route] that typically will be a 10.8.0.1 by default. Then usually a final line in that section that says [ifconfig] [10.8.0.6][10.8.0.5] or similar numbers. Also some other routing entries that start with a date and time and "NIP." See if you see any errors or failures there.

 

[Dudester]

Just a update, i was able to log into my cameras web browser and reset it by vpn over cell, so i am getting into my network , but no luck on BI, unless i log into a wifi hotspot. Weird, because the hotspot works over cell although its a diferant provider.

 

[randytsuch]

I've read recently carriers are moving to IPv6, and that its can cause problems with vpn maybe.

You using openvpn connect app?
Did you go try different settings there?

What do the router and iphone openvpn logs say?

 

[Dudester]

Just a update , never did get the iPhone app to work through cellular only. I can connect the vpn and enter my lan and and bring can up the web browse and log into blue iris. I’m thinking it’s a Att issue, since if I log into a Verizon WiFi hotspot and the phone app will open right up.

 

[Mike A.]

Just a update , never did get the iPhone app to work through cellular only. I can connect the vpn and enter my lan and and bring can up the web browse and log into blue iris. I’m thinking it’s a Att issue, since if I log into a Verizon WiFi hotspot and the phone app will open right up.

Shouldn't be the case with AT&T more generally. I've used mine via cell when travelling all over without problems. In fact I run all of my cellular Internet traffic back through my network for ad and other site blocking so I'm pretty much always on it when away from the house and that relies on access to a machine internal to my network for the filtering. Again, try looking at the OpenVPN log. Easy to do from the app. I'm thinking that it's an address/routing issue. Can't think of any other reason otherwise why you could hit it from one outside address and not from another. Could be something with IP v6 but I run with it turned off completely at my router. Can you access anything else within your network (e.g., one of the cams directly) via the VPN?