I have successfully installed OpenVPN on my MikroTik RouterBOARD 750Gr3 with OpenWRT 21.02.2. I can connect from a mobile device to the internet via OpenVPN so I know it's working but cannot access my internal LAN devices. I want to be able to connect via OpenVPN to my home network and access devices on my internal LAN (printer, Sat receiver, etc). I do have three VLANs on my network but other than that it's pretty basic. I have searched and this seems like a common problem/question for a new OpenWRT user like myself. Any help on the steps I need to take to be able to access my internal LAN devices when connected via OpenVPN would be greatly appreciated.
Setup the firewall that it can reach the lan devices.
You don't need to setup forward rules only for very specific reasons.
VPN zone forward to:
But I'm not sure if your need to masquerade the VPN zone.
But you don't need to do it two ways if for example have your VPN installed on your phone and want to reach devices on your lan. You only need to setup the VPN as above, but even if your on your phone connected to your VPN the devices on your lan can't connect first.
So for example your running a logging or Minecraft server on the VPN your need to turn it around.
VPN zone forward:
VPN zone received from:
Every lan zones that you need to connect from.
The connection state will be checked if like the default zones:
lan -> wan
Every lan can establishes a connection to the wan, but the wan only can send data to the lan if the lan device first established the connection and it's connection state not invalid.