Hey there,
I've been fiddling around with my VPN setup for a couple of weeks and I have somehow run out of ideas on how to troubleshoot it. So maybe there are smart people reading this forum who can help me find out what's wrong.
So here's my setup:
I set up a VPN server on an AWS instance based on this tutorial.
The VPN server provides PPTP and L2TP, and using it on an iPhone or Android phone it works flawlessly and extremely fast.
What I am trying to do now is to set up a second router at home behind my first router in order to have a dedicated VPN subnet which I can connect to. The idea is to mainly connect to the second router via WiFi without the need to change the client VPN settings.
The first router is a Fritzbox 7490 connecting to the ISP, using the 192.168.178.0/24 subnet.
The second router is an Asus RT-AC87U using the 192.168.2.0/24 subnet. The WAN side is 192.168.178.3, connected to a LAN port of the Fritzbox.
I set up a static route in the Fritzbox to reach the 192.168.2.0 network.
The Asus has a built-in VPN client which I set up to connect to the AWS VPN server. Using PPTP, the Asus successfully establishes a connection to the VPN server with the following log file information:
pppd 2.4.7 started by admin, uid 0
Connect: ppp5 <--> pptp ("server-ip-address")
CHAP: authentication succeed
MPPE 128-bit stateless compression enabled
local IP address 10.0.0.100
remote IP address 10.0.0.1
primary DNS address 8.8.8.8
secondary DNS address 8.8.4.4
Also in the server log files I can see that the connection has been established successfully.
From the Asus I can ping the 10.0.0.1 interface on the server, and from the server I can ping 10.0.0.100.
First I thought it was a routing issue, i.e. that there is a route missing which uses the VPN connection as the default gateway.
However, the routing table on the Asus shows the following:
Destination Gateway Genmask Flags Metric Ref Use Type Iface
"Server IP address" 192.168.178.1 255.255.255.255 UGH 0 0 0 WAN0 eth0
192.168.178.1 * 255.255.255.255 UH 0 0 0 WAN0 eth0
192.168.178.0 * 255.255.255.0 U 0 0 0 WAN0 eth0
169.254.39.0 * 255.255.255.0 U 0 0 0 LAN br0
192.168.2.0 * 255.255.255.0 U 0 0 0 LAN br0
default 10.0.0.1 0.0.0.0 UG 0 0 0 ppp5
default 192.168.178.1 0.0.0.0 UG 1 0 0 WAN0 eth0
So there is a default route to 10.0.0.1 with a lower metric than the non-VPN gateway, but with the connection running I can't access any webpage or even ping the DNS server.
Does anyone have an idea of what I am missing? Or can someone help me with the right troubleshooting?
Best
MacX
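The first thing to settle when reading a table like the one above is which route the kernel would actually pick for a given destination: longest prefix first, then lowest metric. The script below is an added example, not code from the post or from the Asus firmware; it parses the posted `route -n`-style table (copied in as constructed input, with the placeholder "Server IP address" assumed to be 203.0.113.10 from the RFC 5737 documentation range) and performs that lookup. It also checks the one thing that must hold for any tunnel: the route to the VPN server itself must not go through the tunnel, otherwise the PPTP packets would be routed into the PPP interface they carry.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Constructed copy of the Asus routing table from the post. The real server
# address is not in the post; 203.0.113.10 is assumed here so the row parses.
ROUTE_TABLE = """\
Destination Gateway Genmask Flags Metric Ref Use Type Iface
203.0.113.10 192.168.178.1 255.255.255.255 UGH 0 0 0 WAN0 eth0
192.168.178.1 * 255.255.255.255 UH 0 0 0 WAN0 eth0
192.168.178.0 * 255.255.255.0 U 0 0 0 WAN0 eth0
169.254.39.0 * 255.255.255.0 U 0 0 0 LAN br0
192.168.2.0 * 255.255.255.0 U 0 0 0 LAN br0
default 10.0.0.1 0.0.0.0 UG 0 0 0 ppp5
default 192.168.178.1 0.0.0.0 UG 1 0 0 WAN0 eth0
"""


@dataclass(frozen=True)
class Route:
    network: ipaddress.IPv4Network
    gateway: Optional[ipaddress.IPv4Address]  # None for directly connected routes ("*")
    metric: int
    iface: str


def parse_routes(text: str) -> List[Route]:
    """Parse a 'route -n' style table. The Asus adds a 'Type' column (WAN0/LAN)
    that is missing on the ppp row, so the interface is always the last field."""
    routes = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 8:
            continue
        dest, gw, mask, metric = fields[0], fields[1], fields[2], int(fields[4])
        iface = fields[-1]
        if dest == "default":
            dest = "0.0.0.0"
        # ipaddress accepts dotted netmasks such as 255.255.255.0 and 0.0.0.0
        network = ipaddress.IPv4Network(f"{dest}/{mask}", strict=False)
        gateway = None if gw == "*" else ipaddress.IPv4Address(gw)
        routes.append(Route(network, gateway, metric, iface))
    return routes


def lookup(routes: List[Route], dst: str) -> Optional[Route]:
    """Kernel-style selection: longest prefix wins, ties broken by lowest metric."""
    addr = ipaddress.IPv4Address(dst)
    candidates = [r for r in routes if addr in r.network]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r.network.prefixlen, r.metric))


def tunnel_route_is_sane(routes: List[Route], server_ip: str, tunnel_iface: str) -> bool:
    """The VPN server's own address must be reached outside the tunnel; if the
    lookup lands on the tunnel interface the tunnel would swallow its own traffic."""
    r = lookup(routes, server_ip)
    return r is not None and r.iface != tunnel_iface


if __name__ == "__main__":
    table = parse_routes(ROUTE_TABLE)
    for dst in ("8.8.8.8", "203.0.113.10", "192.168.178.1", "192.168.2.20"):
        r = lookup(table, dst)
        print(f"{dst:>14} -> via {r.gateway or 'link'} dev {r.iface} (metric {r.metric})")
    print("server route stays outside ppp5:", tunnel_route_is_sane(table, "203.0.113.10", "ppp5"))
```

Running this on the posted table gives 8.8.8.8 via 10.0.0.1 on ppp5 and the server address via 192.168.178.1 on eth0, so route selection on the Asus is consistent and the tunnel is not looped into itself. What a routing table cannot show is whether packets from 192.168.2.0/24 are masqueraded onto ppp5 and whether the PPP MTU is survivable for full-size packets; on the Asus, `iptables -t nat -S POSTROUTING` and a `ping -s 1400 -M do 10.0.0.1` from a LAN client are the usual next checks once the routes look right.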