Av3ngeme 0 Posted ... Hey everyone, Long time user of Air VPN and I don't think i'd ever go anywhere else. That said I'm having some issues, and it's been a long while since I've done any troubleshooting when it comes to the port forwarding. I've recently purchased a new router (ROG GT-AC5300) and it has the ability to setup a VPN in the router itself (no need for eddie this way). I'm guessing I need routing tables setup but I just want to make sure I'm not going crazy here. I'm using the routers VPN fusion, which if I'm getting this right is just a fancy way of saying split tunnel VPN, in any case when I configure AirVPN to use the VPN Fusion client I lose my ability to RDP into my box via a portforward I had setup with Air VPN, however if I disconnect my VPN on the router and fire up eddie everything works flawlessly. I'm aware this isn't an issue with AirVPN, and I'm pretty sure I need routing table setup to direct traffic incoming from my Airvpn port forward (lets say it's port 9999) to 3389 to an internal IP of 192.168.0.100 but I just want to be sure, or ideally get some help lol. I've already setup my router and everything works great if I use eddie, just not when I enable the VPN on the router itself. I did have this working on my RT-AC5300 but I remember scouring the web for info and "I THINK" I found some instructions for setting up an inbound routing table but that was years ago and I'm having a senior moment. Anyone have any ideas? Quote Share this post Link to post
OpenSourcerer 1441 Posted ... From the looks of it, the reason is simple: RDP client -> AirVPN server -> your computer <- RDP server = works, because the port is forwarded to your computer, RDP server listens there RDP client -> AirVPN server -> your router <?> your computer <- RDP server = doesn't work because the port is forwarded to your router, not the computer; RDP server does not listen on the router So your assessment is correct: Connections from router to computer must be forwarded, the <?> must be fixed. You either create a port forward on the router itself, or, well, dig the net or ask the people here about routes, though the latter must be set up everytime you reconnect, I think. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Av3ngeme 0 Posted ... The ports are already forwarded within the router, which is why it's working when off VPN or using Eddie, so that's taken care of. Routes don't need to be setup every time (at least they did not need to be on my other Asus router using merlin) but there was some config required *I think* Guess I'm going to be doing some digging, kinda figured as much but was hoping I was wrong. Is anyone else using built in VPN clients on their routers? Quote Share this post Link to post
OpenSourcerer 1441 Posted ... 6 minutes ago, Av3ngeme said: The ports are already forwarded within the router Does this forwarding point from the tunnel IP (IP of tun0, 10.x.x.x) to your local IP 192.168.0.100? Sounds like not. It works over your ISP line because the port is forwarded from your public IP to local, and it works with Eddie because it's forwarded from the AirVPN server IP to local. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Av3ngeme 0 Posted ... 4 hours ago, giganerd said: Does this forwarding point from the tunnel IP (IP of tun0, 10.x.x.x) to your local IP 192.168.0.100? Sounds like not. It works over your ISP line because the port is forwarded from your public IP to local, and it works with Eddie because it's forwarded from the AirVPN server IP to local. No, it does not. I'm fairly sure that's what I need to do but I not sure what the commands are or how to execute them anymore. Quote Share this post Link to post
Av3ngeme 0 Posted ... Alright I think I see the issue. Merlin FW has access to JFFS partition for storing small scripts (of which I had one setting my tun0 settings on my previous router) and since Merlin doesn't exist for the GT-AC5300 I can't access JFFS to set that up. Thought I was going nuts there for a minute, not a huge deal but at least now I know. Quote Share this post Link to post
OpenSourcerer 1441 Posted ... Well, okay, check that lead. Please report if you solved it and how you did that, for the future readers. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
go558a83nk 364 Posted ... Maybe I misunderstand the problem but I think this is what you are needing and is all you need. Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding. I've used these in the past on an asus router and this was all I needed. Remember to use ifconfig to see what TUN device your openvpn session is. Quote Share this post Link to post
Av3ngeme 0 Posted ... 4 minutes ago, go558a83nk said: Maybe I misunderstand the problem but I think this is what you are needing and is all you need. Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding. I've used these in the past on an asus router and this was all I needed. Remember to use ifconfig to see what TUN device your openvpn session is. You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is. Quote Share this post Link to post
go558a83nk 364 Posted ... 1 minute ago, Av3ngeme said: 9 minutes ago, go558a83nk said: Maybe I misunderstand the problem but I think this is what you are needing and is all you need. Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding. I've used these in the past on an asus router and this was all I needed. Remember to use ifconfig to see what TUN device your openvpn session is. You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is. Yes, when I was using asus I had to re-input every boot. But for me that was very rare. Quote Share this post Link to post
Decidueye 0 Posted ... On 4/23/2020 at 9:23 PM, Av3ngeme said: On 4/23/2020 at 9:15 PM, go558a83nk said: Maybe I misunderstand the problem but I think this is what you are needing and is all you need. Easiest way is to just use an SSH command line session to copy/paste iptables for port forwarding. I've used these in the past on an asus router and this was all I needed. Remember to use ifconfig to see what TUN device your openvpn session is. You got it, I just don't think there's anyway of implementing this in an Asus ROG router because they don't use Merlin on these devices because of the different architecture. Even if I were to SSH into the router and setup the iptables as soon as the router rebooted I'd have to perform the process over again correct? Without access to JFFS that is. Hey man, I have the same ROG router as yours and ran into the same problem. Were you able to find a solution? I wouldn't mind setting it up after every reboot. Please open your DM if you don't mind. Thanks! Quote Share this post Link to post