So I got my router reprogrammed to OpenWRT. Added OpenVPN server (multi client/user) and that works. I can connect via the VPN and despite being on a different DHCP range I can connect to the devices on the LAN side of the tunnel via their IP addresses.
However, Windows on the client side can't see the available devices/systems from their hostnames.
The Network window/folder remains empty.
What needs to be changed so that the Windows client does populate the network folder, just like the systems on the LAN side show the devices?
Some of the Windows software I use looks for the other systems by their hostnames rather than their IP. Windows not finding / getting these names pushed / pulled to it breaks these programs.
the clients connecting via VPN to be able to access your router's DNS, unless we're talking about some other kind of discovery ...
Sounds like that might be needed. But how to set that up?
In DHCP and DNS add to listen interfaces your openvpn tun interface. Then hit save and apply.
Even with an active VPN I'm not seeing an openvpn tunnel interface.
And adding "LAN" to the listen interfaces list killed the connection to the internet (DNS lookup fail?)
You will need to follow the following guide in order to set up the OpenVPN server:
After that add tun0 to the DHCP and DNS as a listen interface.
I did follow that guide, last night.
In the OpenVPN section, tick Enabled and Start next to your server configuration. This should enable the tun0 device in Luci.
In Luci, then add new interface:
Assign it to your vpn firewall zone:
And add DHCP DNS listen to interface tun0.
Important: check whether you have correctly set up the firewall.
Trivial approach is to use 'tap' instead of 'tun'.
Neither of the sample configs is used by the actual VPN config.
No idea as to how to add the actual config to this list. That said, I downloaded the server.conf and renamed it server.ovpn. Loaded that into luci-openvpn. Saved, enabled etc. All that seemed to result in is a broken VPN connection. I can connect and get an IP. But no other devices show up. Can't even reach them by their IP. No internet access either.
How to roll that back???
Not sure if my latest config backup was from after I got the VPN to "work" last night. Looking at the timestamp... no...
Looking at some of the commands in the posted setup page.
# Fetch WAN IP address
There is a space between the period and the forward slash. I feel that that space shouldn't be there.
You can directly edit the /etc/config/openvpn file; Luci will afterwards recognize the instances and you can start the server from Luci.
So I rebuilt it some...
Now i have these interfaces.
Which names do I put into the listen box? LAN or br-lan? VPNA or eth0.1?
And I'm currently running into problems with generating the user's ovpn files.
But on the multi-client page the code doesn't seem to generate extra ovpn files. It generates the key and pem files but they don't convert to ovpn.
server 192.168.8.0 255.255.255.0
keepalive 10 60
push "dhcp-option DNS 192.168.8.1"
push "dhcp-option DOMAIN lan"
push "redirect-gateway def1"
And there doesn't seem to be any server.ovpn file (Find doesn't find it)
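An added example, not part of the thread or of the OpenWrt guide: a shell check that reads a plain OpenVPN server config like the one posted above and reports whether the DNS server pushed to clients is the router's own tunnel address, in which case the router's DNS has to listen on the tunnel interface as suggested earlier in the thread. The function names and the temporary file are assumptions made for the example; the sample config repeats the five lines from the post.

```shell
#!/bin/sh
# Added example (hypothetical helper names), plain OpenVPN config syntax only.

# OpenVPN takes the first host address of "server NETWORK NETMASK"
# (network address + 1) as the server's own tunnel address.
server_tunnel_ip() {
    awk '$1 == "server" { split($2, o, ".")
         print o[1] "." o[2] "." o[3] "." (o[4] + 1); exit }' "$1"
}

# Value of a pushed dhcp-option; $1 = config file, $2 = DNS or DOMAIN.
pushed_option() {
    awk -v key="$2" '$1 == "push" && $2 == "\"dhcp-option" && $3 == key {
         gsub(/"/, "", $4); print $4; exit }' "$1"
}

# Verdict for the hostname-resolution problem discussed in the thread.
check_vpn_dns() {
    tun_ip=$(server_tunnel_ip "$1")
    dns=$(pushed_option "$1" DNS)
    domain=$(pushed_option "$1" DOMAIN)
    if [ -z "$dns" ]; then
        # Clients keep their own resolver; LAN hostnames will not resolve.
        echo "no-dns-pushed"
    elif [ "$dns" = "$tun_ip" ]; then
        # Clients query the router on the tunnel address, so the router's
        # DNS service must accept queries on the tunnel interface.
        echo "router-on-tunnel dns=$dns domain=${domain:-none}"
    else
        # Some other resolver; it must be reachable through the VPN.
        echo "other-resolver dns=$dns domain=${domain:-none}"
    fi
}

# Sample input: the five config lines quoted in the post above.
write_sample_conf() {
    cat > "$1" <<'EOF'
server 192.168.8.0 255.255.255.0
keepalive 10 60
push "dhcp-option DNS 192.168.8.1"
push "dhcp-option DOMAIN lan"
push "redirect-gateway def1"
EOF
}

conf=$(mktemp)
write_sample_conf "$conf"
check_vpn_dns "$conf"
rm -f "$conf"
```
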
OK. On the last part... I just reran part 4 (VPN service) after doing the # Add one more client
from the multi-client page and got the other client's ovpn file.
But this is still a TUN not a TAP.
How to switch to TAP? Not as simple as changing the names in the conf and client files, I assume..
The ovpn file does not differ much from the server.conf you just provided. You are just missing the key part of the config:
option dh '/etc/luci-uploads/cbid.openvpn.VPN.dh'
option ca '/etc/luci-uploads/cbid.openvpn.VPN.ca'
option key '/etc/luci-uploads/cbid.openvpn.VPN.key'
option cert '/etc/luci-uploads/cbid.openvpn.VPN.cer