OpenVPN Asus RT-AX86U does not work

OK, confused what you were saying in an earlier post. Got ti now I think. But you can access another device over the VPN remotely as below?
-I can log into another local device using the local IP using Chrome
Click to expand...

Assuming so, then you know that it's not the VPN. Must be something related to the VPN NVR or how you're accessing it. I don't think pings work through the VPN so that's not a good test.

Corrected: wrote VPN, meant NVR.
 
What are the chances that my ISP is blocking this? I have a Cellular MiFi hotspot that I have been using and tried to connect it VIA USB A to my Asus router but it would not work.

I really hate to try Merlin firmware because that would add another layer of possible issues like the DD-WRT I used years ago. If the general consensus wants me to try the Merlin firmware, I will do it.

Like, follow, and comment below if you want me to stay with Asus firmware or try the Merlin firmware. I will send my cash app, Venmo, and only fans so you can support my journey going uphill. : )
 
  • Haha
Reactions: bigredfish
Can't be blocking it if you can connect to something else inside your network.

Don't add any more complication.

If you want to try something different, then you might try setting up WireGuard instead. That shouldn't be too much trouble and works just as well or better.
 
  • Like
Reactions: bigredfish
Mike A. said:
OK, confused what you were saying in an earlier post. Got ti now I think. But you can access another device over the VPN remotely as below?


Assuming so, then you know that it's not the VPN. Must be something related to the VPN NVR or how you're accessing it. I don't think pings work through the VPN so that's not a good test.

Corrected: wrote VPN, meant NVR.
Click to expand...

I can access the Asus router webpage while away using the VPN. I can also access the webpage for my Z wave system while away connected with the VPN. I don't know what else to try to prove/confirm my iPhone and MacBook are connecting with the VPN. Something is not set right on the NVR or it could be my ISP.


I will ask again, what should the Preferred and Alternate DNS be set to?
 
Dont think the ISP could be the problem. You make the connection.

Dont think DNS is the issue if your connecting via IP

Agree with not adding complexity
 
  • Like
Reactions: Mike A.
I use Google? DNS
8.8.8.8
8.8.4.4
 
OK, so then you know that the VPN is working and you're connected to your network. DNS shouldn't matter if you're using IP addresses to get there. And if you're using host name then it's somehow resolving since you're getting there now. But if you want you can put in 1.1.1.1 (CloudFlare) or 8.8.8.8 (Google) if you want.
 
What if he's connecting but not passing the right credentials to the NVR? Default is to lock you our after 3-5 tries....

Maybe have a look at the NVR Log?
 
  • Like
Reactions: Mike A.
P2P is OFF on the NVR right?

And I would add the NVR back to DMSS by IP/Domain just for assurance
 
What happens when you try to access the local IP address of the NVR? Are you including the port number following the IP if not running on port 80? e.g., 192.168.1.x:81 or whatever

What's the local IP assigned to your phone/MacBook? What's the local IP of the NVR?
 
BruceWayne007 said:
I can access the Asus router webpage while away using the VPN. I can also access the webpage for my Z wave system while away connected with the VPN. I don't know what else to try to prove/confirm my iPhone and MacBook are connecting with the VPN. Something is not set right on the NVR or it could be my ISP.


I will ask again, what should the Preferred and Alternate DNS be set to?
Click to expand...
Don't worry too much about the preferred and alternate DNS settings, they aren't particularly relevant to this VPN problem. If in doubt, use Quad9 (9.9.9.9), Cloudflare (1.1.1.1) and /or Google (8.8.8.8), your choice of preference order.

If you say that you can definitely access the web interface of your Asus router from outside your home network over the OpenVPN connection, that seems to prove that you have the connection sorted. However, without going back and re-reading through the whole thread, did you say that the NVR exposes an interface on the same subnet as that Asus router provides? If so, it should be accessible, if not, perhaps the NVR is configured to a different subnet?

There is the slight possibility that your ISP could be blocking connections, although your ability to reach the router web configuration pages seem to prove otherwise. Most OpenVPN configs by default setup the tunnel over UDP, port 1194, and that is best for various efficiency reasons, but you could also try setting it up over TCP, port 443 to test out the blocking theory.
 
Mike A. said:
What happens when you try to access the local IP address of the NVR? Are you including the port number following the IP if not running on port 80? e.g., 192.168.1.x:81 or whatever

What's the local IP assigned to your phone/MacBook? What's the local IP of the NVR?
Click to expand...

BigRedFish, P2P is not checked and shows a status of Offline. I have never enabled it.

I cannot connect to the NVR webpage and have not tried with the port.

Ok, I tried with the port included using the Chrome app on my iPhone and it does not work.

NVR 192.168.1.208:37777 for the TCP port. There are seven different port names listed and they are all unique.
iPhone 192.168.1.99 when local the the DMSS app works.
 
  • Like
Reactions: bigredfish
BruceWayne007 said:
NVR 192.168.1.208:37777 for the TCP port. There are seven different port names listed and they are all unique.
iPhone 192.168.1.99 when local the the DMSS app works.
Click to expand...

Don't think that you want port 37777. Think that's a management/control port. I don't use the NVRs but it's probably 80. @bigredfish may know better. If you don't have to use a port address when accessing the NVR locally, then it's 80 and you shouldn't have to.
 
Mike A. said:
Don't think that you want port 37777. Think that's a management/control port. I don't use the NVRs but it's probably 80. @bigredfish may know better. If you don't have to use a port address when accessing the NVR locally, then it's 80 and you shouldn't have to.
Click to expand...


Yep 80, no need to add the port#
 
Mike A. said:
Don't think that you want port 37777. Think that's a management/control port. I don't use the NVRs but it's probably 80. @bigredfish may know better. If you don't have to use a port address when accessing the NVR locally, then it's 80 and you shouldn't have to.
Click to expand...

bigredfish said:
Yep 80
Click to expand...

Are you guys referring to
TCP Port
UDP Port
HTTP Port
HTTPS Port
RTSP Port
NTP Port
POS Port
 
HTTP when using a browser to try the access.

In the router where it shows your clients, you can see the iPhone/MacBook when connected via VPN?
 
BTW, I assume your modem is just a modem and not a modem/router/Wifi box. If it is the later then it needs to be in pass-through mode. Also I assume you don't have a subscription VPN service running like NordVPN or the like. If so, turn it off.
 
  • Like
Reactions: jrbeddow and bigredfish
Sybertiger said:
BTW, I assume your modem is just a modem and not a modem/router/Wifi box. If it is the later then it needs to be in pass-through mode. Also I assume you don't have a subscription VPN service running like NordVPN or the like. If so, turn it off.
Click to expand...

My cable modem is just that and nothing more, simple and I own it.

I do not have any VPN service that I know of.





Mike A. said:
HTTP when using a browser to try the access.

In the router where it shows your clients, you can see the iPhone/MacBook when connected via VPN?
Click to expand...

No, I do not see them. I do see them when direct connect but not via VPN.
 
On the router VPN status tab it should show the VPN server is running. Then when you connect via VPN it should show you have connected, by whom and how. It it just says running then nothing has connected.
 
  • Like
Reactions: Mike A. and jrbeddow
You must log in or register to reply here.
Top Bottom