That setting you switched is called "redirect-gateway" setting in OpenVPN terminology, which means that ALL traffic from your vpn client endpoint WILL go through the vpn tunnel, regardingless of local instituted routers/gateways. Downside is that all your network traffic goes straight into the tunnel, and you'll surf with the IP address from your home ISP WAN. Which means, you "pay" twice the bandwidth (inbound plus outbound = times 2). However, what you have encountered here, is that the VPN server is thén in charge of all routing, hence you have 100% probability in reaching your BI server, because that one is residing on your home LAN.
Hope this explains!
CC
In my router, the "switch" I changed is called:
"Client will use VPN to access"
and the two choices are:
"Local network only" and "Internet and local network".
My interpretation of that switch's function was to select whether or not VPN clients, when connected, would have access only to the Local Area Network of the VPN server, OR have access to that, as well as to the internet connection used by the router (VPN server).
So my understanding seems to match what you've described.
The home network that is served by this Asus router and thus, it's VPN, gets its internet connection via a cable modem, and we've got unlimited data, with 100Mbps speed down, and 10Mbps speed up. So what I was thinking was that when we're out and about, and perhaps on a non-secure public WiFi system (hotel, airport, etc.) we could switch on the VPN client in our phone, tablet, etc., connect to our home VPN, and be able to surf or conduct business securely via the VPN encryption (and using our home network's internet access).
All of that "internet traffic" would, as you point out, go both ways through our home internet connection, and I could imagine this, perhaps, slowing things down, but it won't cost us anything extra in our case. So this seems like a reasonable tradeoff, if I'm understanding it correctly.
What I don't understand is this:
When I had (as shown in the screen cap above) this selection set to "Local network only", I could not get my Open VPN client, on a computer at work, to connect to my Blue Iris server (PC). Yet after I switched that setting to "Internet and local network", it worked right away, with me making no changes on the remote (work) PC.
However, our phones have been able to connect to the Blue Iris server, using the Blue Iris app on the phones, when out and about, with the OpenVPN client switched on in the phones, all along.
It makes me wonder if there's something else I need to set correctly on the remote PC (in this case, a PC of mine at work) to assure that it will work the way our phones (using the BI app) do. That way, I can use either setting of the "redirect-gateway" setting.
I think I'll play with this more today. I'll set the home router's VPN to "local network only" again and see if it still works from the work PC this time.
Perhaps there are other configuration "switches" I could set in the client.ovpn file used by the work PC that would help it connect regardless of the home VPN server's "redirect-gateway" setting. Then again, maybe it was just a fluke, or I inadvertently changed something else that made it work. Further careful testing is probably warranted on my part.
Anyhow, thanks for your (and everyone's) time and help. Initially, I just wanted to try this all out. Now I want to understand it more thoroughly. So I appreciate all of the work everyone has put into this thread and the other resources on this site.
