Channel: OpenVPN Support Forum

Server Administration • Re: stunnel + openvpn some problems encountered

Hi there,

Unfortunately I cannot start a new topic, so I found a similar subject and am writing here.

I have a problem with my Asus RT-AC68U (Firmware:386.14_2) when trying to use OpenVPN through stunnel.
I use the same configuration separately on my MacBook, VM on Linux, Windows. It works fine (openvpn to 127.0.0.1 + stunnel to external vpn server).
When I try to repeat this configuration on my router (without needing to do it on each client), I see it working only from the router console (ssh) but not for connected clients.

OpenVPN client

client
dev tun
proto tcp
remote 127.0.0.1 1194
resolv-retry infinite
nobind
user nobody
group nobody
persist-key
persist-tun

remote-cert-tls server
cipher AES-256-GCM
verb 3


Stunnel client

foreground = yes
[openvpn]
client = yes
accept = 127.0.0.1:1194
connect = 83.10.10.10:1111
verifyPeer = yes


My steps:
1. Check internet connection
- from router console (working)

Code:

curl api.myip.com
{"ip":"my_ISP_ip","country":"my_country","cc":"XX"}
- from client (working)

Code:

curl api.myip.com
{"ip":"my_ISP_ip","country":"my_country","cc":"XX"}
2. Turn OpenVPN client ON.

Code:

ip route show table ovpnc1
8.8.4.4 via 100.88.0.1 dev vlan2  metric 1
10.8.8.5 dev tun0  proto kernel  scope link  src 10.8.8.6
10.8.8.1 via 10.8.8.5 dev tun0
100.88.0.1 dev vlan2  proto kernel  scope link
8.8.8.8 via 100.88.0.1 dev vlan2  metric 1
127.0.0.1 via 100.88.0.1 dev vlan2
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.1
100.88.0.0/16 dev vlan2  proto kernel  scope link  src 100.88.25.57
127.0.0.0/8 dev lo  scope link
default via 10.8.8.5 dev tun0
3. Check internet connection
- from router console (not working)

Code:

curl api.myip.com
curl: (28) Failed to connect to api.myip.com port 80 after 150026 ms: Operation timed out
4. Manually add the route which was in the log but actually wasn't in the route table

Code:

ip route add 83.10.10.10 via 10.8.8.5 table ovpnc1 #where 83.10.10.10 e.g. my external VPN server ip
5. Check internet connection
- from router console (working)

Code:

curl api.myip.com
{"ip":"my_VPN_ip","country":"VPN_country","cc":"YY"}
- from client (not working)

Code:

curl api.myip.com
curl: (28) Failed to connect to api.myip.com port 80 after 150026 ms: Operation timed out

So, there are 2 problems:
1. The VPN external IP is not added to the ovpnc1 table
2. When this was fixed manually, the internet VPN connection works from the router itself but not from clients.

Please advise.

Additional info:
ip rule

Code:

0:  from all lookup local
32766:  from all lookup main
32767:  from all lookup default
ip rule (VPN ON)

Code:

0:  from all lookup local
10001:  from all lookup ovpnc1
32766:  from all lookup main
32767:  from all lookup default

Statistics: Posted by santer — Sun Feb 02, 2025 3:17 pm
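
An added example, not part of the original post: a longest-prefix lookup over the ovpnc1 table posted in step 2, showing which route the stunnel `connect` address would match. The function names are assumptions of this example, and route metrics are ignored.

```python
import ipaddress

# Constructed inputs, copied from the post: the stunnel [openvpn] section
# and the ovpnc1 table from step 2 (one route per line).
STUNNEL_CONF = """[openvpn]
client = yes
accept = 127.0.0.1:1194
connect = 83.10.10.10:1111
"""
OVPNC1 = """8.8.4.4 via 100.88.0.1 dev vlan2  metric 1
10.8.8.5 dev tun0  proto kernel  scope link  src 10.8.8.6
10.8.8.1 via 10.8.8.5 dev tun0
100.88.0.1 dev vlan2  proto kernel  scope link
8.8.8.8 via 100.88.0.1 dev vlan2  metric 1
127.0.0.1 via 100.88.0.1 dev vlan2
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.1
100.88.0.0/16 dev vlan2  proto kernel  scope link  src 100.88.25.57
127.0.0.0/8 dev lo  scope link
default via 10.8.8.5 dev tun0
"""

def stunnel_endpoint(conf):
    """Host part of the first 'connect = host:port' line (hypothetical helper)."""
    for line in conf.splitlines():
        key, _, value = line.partition("=")
        if key.strip() == "connect":
            return value.strip().rsplit(":", 1)[0]
    raise ValueError("no connect line in stunnel config")

def parse_routes(text):
    """Turn `ip route show` lines into (network, device) pairs."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if "dev" not in fields:
            continue  # blank line or a route without an output device
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        routes.append((ipaddress.ip_network(dest), fields[fields.index("dev") + 1]))
    return routes

def egress_device(ip, routes):
    """Longest-prefix match; metrics are ignored (simplification)."""
    addr = ipaddress.ip_address(ip)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen)[1] if matches else None

if __name__ == "__main__":
    endpoint = stunnel_endpoint(STUNNEL_CONF)
    print(endpoint, "->", egress_device(endpoint, parse_routes(OVPNC1)))
```

With the table as posted, the stunnel endpoint has no host route of its own and matches only the default route via tun0, while 8.8.8.8 and 8.8.4.4 have explicit routes via vlan2.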


