Posted: Tue Sep 27, 2016 23:24 Post subject: Setting Up OpenVPN Client On R7000(Switch)
My current setup is Main Router R7000 DDWRT ---> Switch Router R7000 OpenVPN Client.
I have managed to get my openvpn client connected to my nord vpn subscription the current problem is none of the traffic is going thru to the vpn. Everytime i try to put in the ip address (192.168.1.128/24) i need sent thru to the vpn under policy based routing i hit apply and i loose my webui and no longer have telnet access to the router either. Can anyone help me with my problem?
TLDR Main Router Connected to Switch Router running an open vpn client. No traffic is routed thru to the vpn.
It won't work on pure access point mode, i.e. LAN-LAN configuration. It has to be in router mode, i.e. LAN-WAN configuration. To verify that, you can try setting up OpenVPN client on your main router R7000 instead of the switch R7000.
It won't work on pure access point mode, i.e. LAN-LAN configuration. It has to be in router mode, i.e. LAN-WAN configuration. To verify that, you can try setting up OpenVPN client on your main router R7000 instead of the switch R7000.
Is there any way I can setup my switch to properly use the VPN?
Connect your secondary R7000's WAN port to the LAN port of your main R7000 router and setup your secondary R7000 as Gateway similar to your main R7000 router but use another subnet. Say your main R7000 is using 192.168.1.x then use another subnet such as 192.168.20.x for the secondary router. Before setting up OpenVPN client on the secondary router, make sure clients connected to the secondary router can go to the Internet. Then setup OpenVPN client on the secondary router. You can disable wifi on the secondary router if you don't need it on the secondary router.
After OpenVPN is up and running properly, any clients connected to the secondary router should go through VPN.
Connect your secondary R7000's WAN port to the LAN port of your main R7000 router and setup your secondary R7000 as Gateway similar to your main R7000 router but use another subnet. Say your main R7000 is using 192.168.1.x then use another subnet such as 192.168.20.x for the secondary router. Before setting up OpenVPN client on the secondary router, make sure clients connected to the secondary router can go to the Internet. Then setup OpenVPN client on the secondary router. You can disable wifi on the secondary router if you don't need it on the secondary router.
After OpenVPN is up and running properly, any clients connected to the secondary router should go through VPN.
Okay i set it up as per your post and the second router does have internet acess. The only problem im having now is i cannot access my second routers webui from my first router. Any Ideas?
Additionally i only want the ip's i specify to go thru the VPN.
Managed to get only specific ip's thru to the vpn by using policy based routing. The only issue im having now is i cannot access the second routers web ui when connected to the first router. Secondly i cannot access a remote desktop connection on a pc connected to the second router.
Since you know how to use policy based routing, I would suggest you setup the VPN client on your main router instead of the secondary router and it should fix the problem that you are having. You can discard the secondary router completely unless you still need it as a switch. In that case, you should return the secondary router back to switch as per your original setup.
Since you know how to use policy based routing, I would suggest you setup the VPN client on your main router instead of the secondary router and it should fix the problem that you are having. You can discard the secondary router completely unless you still need it as a switch. In that case, you should return the secondary router back to switch as per your original setup.
I can use my primary as a openvpn client if I really need too but I would like to avoid if at all possible. Is there any way I can setup my routers so I can access both router web ui's from the primary router?
In order to access the secondary router from clients on the main router, you have to enable Remote Access for Web GUI Management. Connect a PC on the secondary router and on the web GUI, go to Administration, enable Web GUI Management under Remote Access. Note the Port number which is 8080 by default. Click Save and then Apply Settings. Now go to Status, select WAN and note the WAN IP address.
With the above set properly, connect PC to the main router and open the web GUI for the WAN IP at port 8080
In order to access the secondary router from clients on the main router, you have to enable Remote Access for Web GUI Management. Connect a PC on the secondary router and on the web GUI, go to Administration, enable Web GUI Management under Remote Access. Note the Port number which is 8080 by default. Click Save and then Apply Settings. Now go to Status, select WAN and note the WAN IP address.
With the above set properly, connect PC to the main router and open the web GUI for the WAN IP at port 8080
You don't need to do anything for the main router as you can access it from either the main router or the secondary router as usual.
Ok, last question i swear! i really appreciate your help so much js1662! My last question is how do i access a remote desktop connection on a PC thats connected to my second router? Ive tried port forwarding the pc's ip which is 192.168.10.118 and TCP & UDP Port 3389. But when i try to connect to the IP it never works. What am i doing incorrectly?
If you are trying to remote access 192.168.10.118 directly that won't work as IP 192.168.10.118 is not visible from the WAN side. Since you have already done port forwarding, try accessing the WAN IP of the secondary router at port 3389. Hopefully it will direct the request to 192.168.10.118 correctly. Good luck!