Page 3 of 3
Re: Is OpenVPN right for this?
Posted: Tue May 08, 2018 7:11 pm
by ispyisail
I'm not sure 1.10.0 has the “vpn_gateway” option
Need to install the latest 1.10.x
Re: Is OpenVPN right for this?
Posted: Tue May 08, 2018 8:09 pm
by d3fz
ispyisail wrote:I'm not sure 1.10.0 has the “vpn_gateway” option
Need to install the latest 1.10.x
It does not. It was
only made available for builds > 28/dec/17.
Re: Is OpenVPN right for this?
Posted: Wed May 09, 2018 12:28 am
by tiptongrange
Thanks everyone for your help, I finally got this up and running. The key problem I had was that I was running it as a bridge instead of a gateway.
Thanks also for the other tips, changing the encryption got rid of the error messages, and switching to TCP 443 allows me to bypass the restricted access. Here's my configuration, it's sitting on the LAN through a wireless connection. It gets its address through DHCP (it probably should be a static address), but my router lets me port forward to the name of the device rather than to an ip address.
The image below is the bottom half of the page above.
Re: Is OpenVPN right for this?
Posted: Wed May 09, 2018 12:58 am
by ispyisail
but my router lets me port forward to the name of the device rather than to an ip address.
I doubt this will be the case when you using VPN off site?
If you want to get fancy (remote DNS resolve) you might be able to do this via command line
https://www.gargoyle-router.com/wiki/do ... s_policies
Re: Is OpenVPN right for this?
Posted: Wed May 09, 2018 1:11 am
by tiptongrange
I already tested this offsite, everything works fine. The real test will be when or if my router ever decides to assign it a new ip address, then will the port forwarding follow it.
Re: Is OpenVPN right for this?
Posted: Wed May 09, 2018 12:37 pm
by ispyisail
then will the port forwarding follow it.
When you say "port forward" are you talking about "DNS resolution" or actual "Port Forward"?
Re: Is OpenVPN right for this?
Posted: Wed May 09, 2018 2:11 pm
by tiptongrange
I was wondering whether the packets would be forwarded to the right place. However, after reading a little, I see that Verizon's firmware on this router handles static IP addresses in a nonstandard way. Normally, static IP's are set directly on the device to an address outside the DHCP server range. However, this router wants all devices to be connected through DHCP, it will then reserve a specific IP address for a specific MAC address if a device wants a static address. This way, an administrator can use the router software to manage static addresses to make sure they don't conflict with each other.
The firmware also has options to handle it in the standard way, but you have to reset the DHCP server range.
Re: Is OpenVPN right for this?
Posted: Wed May 09, 2018 3:18 pm
by ispyisail
Normally, static IP's are set directly on the device to an address outside the DHCP server range
This doesn't sound right to me?
e.g. What is normal?
To be fair i used to think that
static IP's are set directly on the device to an address outside the DHCP server range
was normal
I don't anymore