OpenVPN ip addresses

[James_from_Canberra]

I know it's a very basic question, but there's nothing in the Gargoyle OpenVPN doco, and searching for keywords in this forum didn't find anything.

I'm running gargoyle 5.10 on a netgear 3700v1. I want to have a single vpn connection to the router and access to resources on my home network which uses addresses 192.168.1.0/24. The router is 192.168.1.1.

I understand I should set up OpenVPN Server and leave the default OpenVPN Internal IP as 10.8.0.1. However, what should I supply for the Client Internal IP in the Allowed Clients section? Should I provide an unused IP address in the 192.168.1.0/24 subnet?

Apologies for the basic question, but a VPN is a bad thing to have misconfigured.

[Rog66]

No - I believe it should be in the same subnet as the VPN server IP address (i.e. 10.8.0.2 - it should default to this ). In the other options above you specify whether the client has access to other lan clients in which case gargoyle should take care of the bridging of the two subnets.

[James_from_Canberra]

Looks like I've stuffed up then. There were no replies when I was trying to set up the VPN so I tried some different addresses to see if they worked. Unfortunately I tried a 192... address for the server which was then saved.

Is there an easy way to restart the VPN setup from scratch? If not, will a reset to factory defaults work, or do I have to reload the firmware?

Thanks

[Rog66]

In the openvpn config page set the openvpn configuration to "openvpn disabled" click on save changes . Once it comes back reset the configuration to " openvpn server" and you can specify the settings from scratch.

[James_from_Canberra]

Ok. Thanks. I just tried that. When I select OpenVPN Server it opens the page with the OpenVPN Internal IP field pre-populated with 192.168.1.5 and no client defined. If I change it to 10.8.0.1 I get the message above.

If I click on the Save Changes immediately after selecting OpenVPN Server (ie I change nothing and accept all the pre-populated fields), I get the same message. That implies the pre-populated values are invalid, but they can't be changed.

[Rog66]

Cant see the error message but if its a firewall conflict I have come across this before - gargoyle leaves the firewall port in the firewall config when you disable openvpn and if you then try and re-enable it, it sees a port conflict. The only way out I have found is to manually remove the lines from the config file or reset router settings.

As you've now also set the openvpn server ip address to the 192.168.x.x range, if the vpn is working I'd leave it alone . Just make sure that you don't allow dhcp to try and assign the openvpn server or client ip addresses that you have specified. Someone with a lot more knowledge of vpns may tell us why that's not a good idea, but I used to do this with a pptp vpn on dd-wrt and it worked fine.

[James_from_Canberra]

I finally reloaded the 1.5.10 firmware and tried restoring the configuration backup. Someone on the forum had reported that certificates were not included in the backup, so I hoped that I could avoid reentering the config data and just setup the VPN again. The VPN config seemed to have included in the backup and I still couldn't correct the IP addresses, so I reset everything and reentered all the configuration data. VPN still didn't work.

I included the extra two 'push' lines in the .conf file on the router and the VPN connection process got further but still wouldn't connect.

I upgraded the firmware to 1.6.0 and copied the new config files from the router to my IPad via iTunes. Now I can get my iPad to connect to the VPN. Finally, success. Well, half a success.

Now for my next newbie VPN question: I have successfully connected to the VPN. I tried using the share name after the DDNS name, eg gargoyle.myddns.org/music (not the actual address) in the Safari browser but that didn't work. How can I access the files on my home network using IOS on my iPad?

[Nreokfkorer]

Thank you for the informative posts.