I have a Keenetic Hopper router (Hopper (KN-3810) EU, OS version 4.3.6 - Your device is up to date). Installed an OpenVPN server on the router. The server is running, and I can connect from clients outside my home network. However, clients do not have internet access when they are connected to the OpenVPN server. Does anyone have a clue how connected clients can get internet access?
OpenVPN Server (config is posted below):
OpenVPN settings
Firewall rule for clients to the OpenVPN server:
Port forwarding rule for clients to the OpenVPN server:
Additionally, I made a NAT setting in the router CLI:
interface OpenVPN0 no ip global
interface OpenVPN0 security-level private
no isolate-private
ip nat OpenVPN0
system configuration save
In the Connection Policies, OpenVPN Server even has a green dot:
Client (config is posted below):
Can connect to the OpenVPN Server from various networks (I tried with an Android phone and a Windows notebook)
Can open the Keenetic Hopper web frontend through 192.168.1.1 in the browser (this proves that there is a connection)
DNS seems not to work at the client (not sure though if DNS works or not)
Cannot open any website on the internet. Cannot even ping various IPs that usually reply to a ping (therefore I think that this is no DNS problem).
OpenVPN Server config (certificates are anonymized):
port 1194
proto tcp
dev tun
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
<dh>
-----BEGIN DH PARAMETERS-----
....
-----END DH PARAMETERS-----
</dh>
server 10.8.0.0 255.255.255.0
;ifconfig-pool-persist ipp.txt
keepalive 10 120
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
data-ciphers-fallback AES-256-CBC
auth SHA256
persist-key
persist-tun
;status openvpn-status.log
log-append openvpn.log
verb 6
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 1.1.1.1"
Client config (certificates and keys are anonymized, X.X.X.X is the IP where Keenetic Hopper is connected to the internet):
client
dev tun
proto tcp
remote X.X.X.X 1194
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-256-CBC
auth SHA256
verb 3
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
route 0.0.0.0 0.0.0.0
dhcp-option DNS 8.8.8.8
dhcp-option DNS 1.1.1.1
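As an added example (not part of the original post, and not Keenetic or OpenVPN code): a small Python checker that parses a server and a client config like the two above, skips inline certificate blocks and `;` comments, and reports whether the settings both ends must share agree and which options the server pushes. The embedded configs are constructed from directives in the post, and the function names are hypothetical.

```python
import shlex

# Constructed input: directives from the two configs in the post, cert body cut to "...".
SERVER = """proto tcp
dev tun
<ca>
...
</ca>
server 10.8.0.0 255.255.255.0
;ifconfig-pool-persist ipp.txt
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
data-ciphers-fallback AES-256-CBC
auth SHA256
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
"""
CLIENT = """client
dev tun
proto tcp
cipher AES-256-CBC
auth SHA256
"""

def parse(text):
    """Map directive -> list of argument lists; skip comments and inline <tag> blocks."""
    out, inline = {}, None
    for line in map(str.strip, text.splitlines()):
        if inline:  # inside <ca>...</ca> and similar blocks
            inline = None if line.startswith(f"</{inline}>") else inline
        elif line.startswith("<") and line.endswith(">"):
            inline = line[1:-1]
        elif line and line[0] not in "#;":
            name, *args = shlex.split(line)
            out.setdefault(name, []).append(args)
    return out

def first(conf, key):
    return conf[key][0][0] if conf.get(key) and conf[key][0] else None

def compare(server, client):
    """Report directives that differ between the two ends and what the server pushes."""
    s, c = parse(server), parse(client)
    pairs = {k: (first(s, k), first(c, k)) for k in ("proto", "dev", "auth")}
    # "tcp", "tcp-server" and "tcp-client" are one transport; OpenVPN defaults to udp.
    pairs["proto"] = tuple((p or "udp").split("-")[0] for p in pairs["proto"])
    allowed = (first(s, "data-ciphers") or "").split(":") + [first(s, "data-ciphers-fallback") or ""]
    return {"mismatches": [k for k, (a, b) in pairs.items() if a != b],
            "client_cipher_listed": first(c, "cipher") in allowed,
            "pushed": [args[0] for args in s.get("push", [])]}
```

`compare(SERVER, CLIENT)` returns a dictionary with the differing directives, whether the client's `cipher` value appears in the server's `data-ciphers` or `data-ciphers-fallback`, and the pushed options.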
Question
travelflo0
0 answers to this question