Jump to content
Not connected, Your IP: 3.15.2.239
Av3ngeme

Port forwarding & VPN Configured on router

Recommended Posts

Hey everyone, 

Long time user of Air VPN and I don't think i'd ever go anywhere else. That said I'm having some issues, and it's been a long while since I've done any troubleshooting when it comes to the port forwarding. I've recently purchased a new router (ROG GT-AC5300) and it has the ability to setup a VPN in the router itself (no need for eddie this way). I'm guessing I need routing tables setup but I just want to make sure I'm not going crazy here. I'm using the routers VPN fusion, which if I'm getting this right is just a fancy way of saying split tunnel VPN, in any case when I configure AirVPN to use the VPN Fusion client I lose my ability to RDP into my box via a portforward I had setup with Air VPN, however if I disconnect my VPN on the router and fire up eddie everything works flawlessly. 

I'm aware this isn't an issue with AirVPN, and I'm pretty sure I need routing table setup to direct traffic incoming from my Airvpn port forward (lets say it's port 9999) to 3389 to an internal IP of 192.168.0.100 but I just want to be sure, or ideally get some help lol.

I've already setup my router and everything works great if I use eddie, just not when I enable the VPN on the router itself. I did have this working on my RT-AC5300 but I remember scouring the web for info and "I THINK" I found some instructions for setting up an inbound routing table but that was years ago and I'm having a senior moment.

Anyone have any ideas?

Share this post


Link to post

From the looks of it, the reason is simple:
RDP client -> AirVPN server -> your computer <- RDP server = works, because the port is forwarded to your computer, RDP server listens there
RDP client -> AirVPN server -> your router <?> your computer <- RDP server = doesn't work because the port is forwarded to your router, not the computer; RDP server does not listen on the router

So your assessment is correct: Connections from router to computer must be forwarded, the <?> must be fixed. You either create a port forward on the router itself, or, well, dig the net or ask the people here about routes, though the latter must be set up everytime you reconnect, I think.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

The ports are already forwarded within the router, which is why it's working when off VPN or using Eddie, so that's taken care of. Routes don't need to be setup every time (at least they did not need to be on my other Asus router using merlin) but there was some config required *I think*

Guess I'm going to be doing some digging, kinda figured as much but was hoping I was wrong.

Is anyone else using built in VPN clients on their routers?

Share this post


Link to post
6 minutes ago, Av3ngeme said:

The ports are already forwarded within the router


Does this forwarding point from the tunnel IP (IP of tun0, 10.x.x.x) to your local IP 192.168.0.100? Sounds like not. It works over your ISP line because the port is forwarded from your public IP to local, and it works with Eddie because it's forwarded from the AirVPN server IP to local.

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
4 hours ago, giganerd said:

Does this forwarding point from the tunnel IP (IP of tun0, 10.x.x.x) to your local IP 192.168.0.100? Sounds like not. It works over your ISP line because the port is forwarded from your public IP to local, and it works with Eddie because it's forwarded from the AirVPN server IP to local.
No, it does not. I'm fairly sure that's what I need to do but I not sure what the commands are or how to execute them anymore.

Share this post


Link to post

Alright I think I see the issue. Merlin FW has access to JFFS partition for storing small scripts (of which I had one setting my tun0 settings on my previous router) and since Merlin doesn't exist for the GT-AC5300 I can't access JFFS to set that up. Thought I was going nuts there for a minute, not a huge deal but at least now I know.

Share this post


Link to post

Well, okay, check that lead. Please report if you solved it and how you did that, for the future readers. :)


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post

Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
 


Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding.  I've used these in the past on an asus router and this was all I needed.  Remember to use ifconfig to see what TUN device your openvpn session is.

Share this post


Link to post
4 minutes ago, go558a83nk said:

Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
 


Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding.  I've used these in the past on an asus router and this was all I needed.  Remember to use ifconfig to see what TUN device your openvpn session is.

You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is.

Share this post


Link to post
1 minute ago, Av3ngeme said:
9 minutes ago, go558a83nk said:

Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
 


Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding.  I've used these in the past on an asus router and this was all I needed.  Remember to use ifconfig to see what TUN device your openvpn session is.

You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is.


Yes, when I was using asus I had to re-input every boot.  But for me that was very rare.

Share this post


Link to post
On 4/23/2020 at 9:23 PM, Av3ngeme said:
On 4/23/2020 at 9:15 PM, go558a83nk said:

Maybe I misunderstand the problem but I think this is what you are needing and is all you need.
 


Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding.  I've used these in the past on an asus router and this was all I needed.  Remember to use ifconfig to see what TUN device your openvpn session is.

You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is.
Hey man, I have the same ROG router as yours and ran into the same problem. Were you able to find a solution? I wouldn't mind setting it up after every reboot. Please open your DM if you don't mind. Thanks!

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...