Assuming your Gargoyle router is at 192.168.21.14, yes looks OK to me.
First thing to double check, you are trying to connect to the VPN from outside the network? Not from inside it? That can cause issues. Switch the iphone to cellular for testing (if you haven't been already).
Second thing to double check, your ISP IP address has not changed this whole time? If that isn't right you won't get a connection (obviously).
If not, probably time to look at logs from both Gargoyle and the iPhone.
Maybe the iPhone first? In the OpenVPN app you can view the log of the current connection and export it. Let it try to connect for 1-2 minutes before exporting it so we can see a few cycles of what it's doing.
Be aware that the log will reveal your public IP, so if that is precious to you please redact it from the logs, or PM it to me.
VPN problem
Moderator: Moderators
Re: VPN problem
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.
Please be respectful when posting. I do this in my free time on a volunteer basis.
Re: VPN problem
Solved...
(I should change my handle to "dumb dumb")
Although it makes perfect sense to me now, this was my mistake:
Client Settings
In the "OpenVPN Server: Allowed Clients" for the Credentials, I was simply changing the IP in the "Client Connects To".. field, and then clicking "save"... rather than generating a whole new set of Credentials to load onto the IPhone... When I checked the OpenVPN Client log on the IPhone, I could see that it wasn't connecting to the correct router IP address - even though that's what the settings were instructing it to do...
It MUST be the Primary Router's ISP IP Address... Duh... But it wasn't getting updated.
So I simply generated a whole new Credential and loaded it... and viola... (what a dope)
Well, it works - thank you for your help and for all the work the community does -- this is such a fantastic little piece of tech... I am amazed by networks... (this is the euphoria of ceasing to bang my head against the wall speaking - it sure feels very nice)
Thanks again to everyone - Dumb Dumb
(I should change my handle to "dumb dumb")
Although it makes perfect sense to me now, this was my mistake:
Client Settings
In the "OpenVPN Server: Allowed Clients" for the Credentials, I was simply changing the IP in the "Client Connects To".. field, and then clicking "save"... rather than generating a whole new set of Credentials to load onto the IPhone... When I checked the OpenVPN Client log on the IPhone, I could see that it wasn't connecting to the correct router IP address - even though that's what the settings were instructing it to do...
It MUST be the Primary Router's ISP IP Address... Duh... But it wasn't getting updated.
So I simply generated a whole new Credential and loaded it... and viola... (what a dope)
Well, it works - thank you for your help and for all the work the community does -- this is such a fantastic little piece of tech... I am amazed by networks... (this is the euphoria of ceasing to bang my head against the wall speaking - it sure feels very nice)
Thanks again to everyone - Dumb Dumb
Re: VPN problem
OK, Quick question:
Given the following settings:
https://photos.app.goo.gl/uZb3kDn7uJM9Phtg7
If I wanted to create another client credential, to load onto a travel router.. what are the settings?
Do I route to a subnet? (how important is this? can it be 10.10.10.0? Or anything else I want as long as it doesn't duplicate my VPN network?)
Does "client perfer VPN gateway" need to be checked? What's the difference if checked or not?
Thanks again, in advance.
Given the following settings:
https://photos.app.goo.gl/uZb3kDn7uJM9Phtg7
If I wanted to create another client credential, to load onto a travel router.. what are the settings?
Do I route to a subnet? (how important is this? can it be 10.10.10.0? Or anything else I want as long as it doesn't duplicate my VPN network?)
Does "client perfer VPN gateway" need to be checked? What's the difference if checked or not?
Thanks again, in advance.
Re: VPN problem
Cool. Easy mistake to make. I had my public IP wrong setting up wireguard over the weekend.
For a router you don't need VPN Gateway checked. I don't know exactly what it does internally, but iOS versions of the OpenVPN client app seem to have trouble connecting without it.
Your travel routers LAN subnet needs to not be the same as OpenVPN (not 10.8.0.x), and can't be the same as the subnet of any other router connected to your VPN (assuming defaults, not 192.168.1.x).
So pick something new. This will ensure your traffic routing tables all work properly.
The "route subnet" option tells OpenVPN that there is a subnet behind the client and we want to setup routing tables to access it. This means that your home network could access anything behind your travel router.
So for a travel router maybe not that useful? Generally the "clients can access host LAN" setting is what you need for instead, but I don't know your use case.
Hope that makes sense.
For a router you don't need VPN Gateway checked. I don't know exactly what it does internally, but iOS versions of the OpenVPN client app seem to have trouble connecting without it.
Your travel routers LAN subnet needs to not be the same as OpenVPN (not 10.8.0.x), and can't be the same as the subnet of any other router connected to your VPN (assuming defaults, not 192.168.1.x).
So pick something new. This will ensure your traffic routing tables all work properly.
The "route subnet" option tells OpenVPN that there is a subnet behind the client and we want to setup routing tables to access it. This means that your home network could access anything behind your travel router.
So for a travel router maybe not that useful? Generally the "clients can access host LAN" setting is what you need for instead, but I don't know your use case.
Hope that makes sense.
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.
Please be respectful when posting. I do this in my free time on a volunteer basis.
Re: VPN problem
It does, indeed - - thanks again!!
Re: VPN problem
So, Lantis - thanks again... this is really great and works just fine. Can I ask a somewhat related question? And tell me if I should post this as a new question...
I now understand and am able to configure my VPN Server. Great.
In my particular case, I have a 3 site VPN setup, as described here: viewtopic.php?p=41563#p41563
US Gargoyle Router (always in server mode)
Europe Gargoyle Router (with both server and client settings)
Travel Router or IPhone (with client settings)
From my IPhone, when on the road, I'd sometimes like to access my Europe Gargoyle Router and switch it from Client mode to Server mode, but I get the following error popup:
https://photos.app.goo.gl/EnV53YbYZHLP2EnQ8
To accomplish this is a two step process...
1. disactivate the server
2. activate the client
This can't be done remotely, and I'd have to ask someone in the office, connected to the router, to do this for me.. is there a way to do it from one of my other client devices, remotely.
It's a minor inconvenience, and frankly, I haven't had the need to accomplish this... but in a pinch, I'd love to be able to switch my EU router from client to server, from the road, using my IPhone... (does that make sense?)
Is that a fixable problem or can you suggest a work around?
In any case, having one router in Europe that acts as both client and server is just terrific... I love it. Thanks in advance.
I now understand and am able to configure my VPN Server. Great.
In my particular case, I have a 3 site VPN setup, as described here: viewtopic.php?p=41563#p41563
US Gargoyle Router (always in server mode)
Europe Gargoyle Router (with both server and client settings)
Travel Router or IPhone (with client settings)
From my IPhone, when on the road, I'd sometimes like to access my Europe Gargoyle Router and switch it from Client mode to Server mode, but I get the following error popup:
https://photos.app.goo.gl/EnV53YbYZHLP2EnQ8
To accomplish this is a two step process...
1. disactivate the server
2. activate the client
This can't be done remotely, and I'd have to ask someone in the office, connected to the router, to do this for me.. is there a way to do it from one of my other client devices, remotely.
It's a minor inconvenience, and frankly, I haven't had the need to accomplish this... but in a pinch, I'd love to be able to switch my EU router from client to server, from the road, using my IPhone... (does that make sense?)
Is that a fixable problem or can you suggest a work around?
In any case, having one router in Europe that acts as both client and server is just terrific... I love it. Thanks in advance.
Re: VPN problem
ummm
I think there might a better way.
Reverse VPN
viewtopic.php?f=11&t=11040&p=45528#p45528
I'm not sure if it will work with iphones though (I haven't tested)
I think there might a better way.
Reverse VPN
viewtopic.php?f=11&t=11040&p=45528#p45528
I'm not sure if it will work with iphones though (I haven't tested)
Re: VPN problem
Thank you, ispyisail - If I understand this correctly, there is only 1 server in your suggestion... I'm trying to have to have the option of choosing between 2.
For me, I'd like to be able to choose, whether to route through the US or the EU vpn server...
Does that make sense? or am I over-complicating things.
For me, I'd like to be able to choose, whether to route through the US or the EU vpn server...
Does that make sense? or am I over-complicating things.
Re: VPN problem
You just make one (virtual) network.
It don't matter where the location is they just all work as if they are on the local network.
always connected.
I've missed out a lot of details.................
It don't matter where the location is they just all work as if they are on the local network.
always connected.
I've missed out a lot of details.................
Re: VPN problem
Are you trying to use a VPN service?
or do you have gargoyle routers all around the world?
or do you have gargoyle routers all around the world?