LRT224 openvpn routing
LRT224 openvpn routing
Hi all, after the decommissioning of the linksys forum, this must be the place to be!
I have an issue with my openvpn service on the LRT224 and i hope you can help me out.
I have an openvpn client connected to my ROUTER 1, receiving an class B private address i can access the ROUTER 1 LAN network (class C private network)
My ROUTER 1 is connected to ROUTER 2 through a site to site VPN.
From my openvpn client i cant access ROUTER 2 LAN. Firewall rules have been set up accordinly.
When querying a traceroute on VPN client computer, my ROUTER 2 LAN ip is routed to the internet.
Is this a known issue? Or am I doing something wrong?
I have an issue with my openvpn service on the LRT224 and i hope you can help me out.
I have an openvpn client connected to my ROUTER 1, receiving an class B private address i can access the ROUTER 1 LAN network (class C private network)
My ROUTER 1 is connected to ROUTER 2 through a site to site VPN.
From my openvpn client i cant access ROUTER 2 LAN. Firewall rules have been set up accordinly.
When querying a traceroute on VPN client computer, my ROUTER 2 LAN ip is routed to the internet.
Is this a known issue? Or am I doing something wrong?
- chadster766
- Posts: 46
- Joined: Sat Jun 05, 2021 9:25 pm
Re: LRT224 openvpn routing
If the OpenVPN Client is routing Router2 IP Subnet out through internet then you could tray configuring the OpenVPN client to add a static route for that IP Subnet to Router1 instead of the internet.
I think you add the below example command to your client OpenVPN config:
or send everything through the VPN with:
I think you add the below example command to your client OpenVPN config:
Code: Select all
route 192.168.x.x 255.255.255.0 Router1-VPN-IP-Addr
Code: Select all
redirect-gateway def1
The former top Linksys Community Forums support rep
Re: LRT224 openvpn routing
Thanks for your reply Chadster,
This is a part of my route print on my client computer.
"IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.23 55
0.0.0.0 128.0.0.0 172.x.x.x 172.x.x.y 257
84.x.x.x 255.255.255.255 192.168.43.1 192.168.43.23 311
172.x.x.y is my openvpn clients IP
So routing to 192.168.x.0 is working
Routing to 192.168.y.0 is not working
Consulting the routing table both subnets are routed to 172.x.x.x
It looks like my linksys is not routing openvpn traffic towards the 192.168.y.0
Am i correct?
This is a part of my route print on my client computer.
"IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.23 55
0.0.0.0 128.0.0.0 172.x.x.x 172.x.x.y 257
84.x.x.x 255.255.255.255 192.168.43.1 192.168.43.23 311
172.x.x.y is my openvpn clients IP
So routing to 192.168.x.0 is working
Routing to 192.168.y.0 is not working
Consulting the routing table both subnets are routed to 172.x.x.x
It looks like my linksys is not routing openvpn traffic towards the 192.168.y.0
Am i correct?
- chadster766
- Posts: 46
- Joined: Sat Jun 05, 2021 9:25 pm
Re: LRT224 openvpn routing
Your post is missing Static routes info.
I don't see any routes specific to your LRT private LAN IP Subnets.
Posting private ip lan Subnets isn't a security risk imo.
I don't see any routes specific to your LRT private LAN IP Subnets.
Posting private ip lan Subnets isn't a security risk imo.
The former top Linksys Community Forums support rep
Re: LRT224 openvpn routing
Happy new year Chadster and all!
This is the complete routing table, no static routes to 192.168.x.0 or 192.168.y.0 subnets
Still pinging 192.168.x devices works
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.23 55
0.0.0.0 128.0.0.0 172.31.0.5 172.31.0.6 257
84.195.74.138 255.255.255.255 192.168.43.1 192.168.43.23 311
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
128.0.0.0 128.0.0.0 172.31.0.5 172.31.0.6 257
169.254.0.0 255.255.0.0 On-link 169.254.139.217 281
169.254.139.217 255.255.255.255 On-link 169.254.139.217 281
169.254.255.255 255.255.255.255 On-link 169.254.139.217 281
172.31.0.0 255.255.255.0 172.31.0.5 172.31.0.6 257
172.31.0.4 255.255.255.252 On-link 172.31.0.6 257
172.31.0.6 255.255.255.255 On-link 172.31.0.6 257
172.31.0.7 255.255.255.255 On-link 172.31.0.6 257
192.168.43.0 255.255.255.0 On-link 192.168.43.23 311
192.168.43.23 255.255.255.255 On-link 192.168.43.23 311
192.168.43.255 255.255.255.255 On-link 192.168.43.23 311
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 169.254.139.217 281
224.0.0.0 240.0.0.0 On-link 172.31.0.6 257
224.0.0.0 240.0.0.0 On-link 192.168.43.23 311
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 169.254.139.217 281
255.255.255.255 255.255.255.255 On-link 172.31.0.6 257
255.255.255.255 255.255.255.255 On-link 192.168.43.23 311
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.100.75 1
169.254.0.0 255.255.0.0 192.168.100.120 1
My 172.31 client is connected per Mobile Hotspot
This is the complete routing table, no static routes to 192.168.x.0 or 192.168.y.0 subnets
Still pinging 192.168.x devices works
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.43.1 192.168.43.23 55
0.0.0.0 128.0.0.0 172.31.0.5 172.31.0.6 257
84.195.74.138 255.255.255.255 192.168.43.1 192.168.43.23 311
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
128.0.0.0 128.0.0.0 172.31.0.5 172.31.0.6 257
169.254.0.0 255.255.0.0 On-link 169.254.139.217 281
169.254.139.217 255.255.255.255 On-link 169.254.139.217 281
169.254.255.255 255.255.255.255 On-link 169.254.139.217 281
172.31.0.0 255.255.255.0 172.31.0.5 172.31.0.6 257
172.31.0.4 255.255.255.252 On-link 172.31.0.6 257
172.31.0.6 255.255.255.255 On-link 172.31.0.6 257
172.31.0.7 255.255.255.255 On-link 172.31.0.6 257
192.168.43.0 255.255.255.0 On-link 192.168.43.23 311
192.168.43.23 255.255.255.255 On-link 192.168.43.23 311
192.168.43.255 255.255.255.255 On-link 192.168.43.23 311
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 169.254.139.217 281
224.0.0.0 240.0.0.0 On-link 172.31.0.6 257
224.0.0.0 240.0.0.0 On-link 192.168.43.23 311
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 169.254.139.217 281
255.255.255.255 255.255.255.255 On-link 172.31.0.6 257
255.255.255.255 255.255.255.255 On-link 192.168.43.23 311
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
169.254.0.0 255.255.0.0 192.168.100.75 1
169.254.0.0 255.255.0.0 192.168.100.120 1
My 172.31 client is connected per Mobile Hotspot
- chadster766
- Posts: 46
- Joined: Sat Jun 05, 2021 9:25 pm
Re: LRT224 openvpn routing
Please post the first section of your ovpn file blanking out the public ip address or url for the lrt.
The former top Linksys Community Forums support rep
Re: LRT224 openvpn routing
This is the ovpn file i have
dev tun
proto tcp
remote xxxxxxxxxxxxxxxx 1194
cipher AES-256-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
auth-user-pass
verb 3
dev tun
proto tcp
remote xxxxxxxxxxxxxxxx 1194
cipher AES-256-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
auth-user-pass
verb 3
- chadster766
- Posts: 46
- Joined: Sat Jun 05, 2021 9:25 pm
Re: LRT224 openvpn routing
Your client ovpn config does not send all traffic across the vpn.
Please added the below config to your ovpn client config.
Please added the below config to your ovpn client config.
Code: Select all
redirect-gateway def1
The former top Linksys Community Forums support rep
Re: LRT224 openvpn routing
This did not do the trick for me
- chadster766
- Posts: 46
- Joined: Sat Jun 05, 2021 9:25 pm
Re: LRT224 openvpn routing
When you traceroute/tracert to a IP Address on the remote LAN you should see it going through the VPN instead of the ISP connection.
The former top Linksys Community Forums support rep