Hi, I am trying to set up an OpenVPN server on my OpenWrt router so that my friend can tap into my local network and we can play some games together. I did this before when I was using an ASUS router as my main router, which provided a feature to set up an OpenVPN server on it. It was quite simple and worked without any problems. However, I have been having difficulties setting it up on OpenWrt since I switched my main router to an OpenWrt router.
So basically, because I want him to tap into my local network, I should use the tap mode and we should be in the same subnet. Below is my config file for my server:
/etc/config/openvpn:
config openvpn 'myvpn_test'
	option enabled '1'
	option port '1194'
	option proto 'tcp-server'
	option dev 'tap'
	option server '192.168.3.0 255.255.255.0'
	option persist_key '1'
	option persist_tun '1'
	option max_clients '5'
	option topology 'subnet'
	option keepalive '10 60'
	option verb '3'
	option status '/var/log/openvpn_status.log'
	option client_to_client '1'
	list push 'route 192.168.3.0 255.255.255.0'
	list push 'redirect-gateway def1 bypass-dhcp'
	list push 'dhcp-option DNS 192.168.3.1'
	list push 'dhcp-option DOMAIN lan'
	option ca '/etc/openvpn/ca.crt'
	option dh '/etc/openvpn/dh.pem'
	option cert '/etc/openvpn/server.crt'
	option key '/etc/openvpn/server.key'
	option log '/tmp/openvpn.log'
	option float '1'
	option learn_address '/usr/bin/ovpn-learnaddress'
	option comp_lzo 'no'
	option dhcp_option 'DOMAIN 192.168.3.1'
	option client_config_dir '/etc/openvpn/ccd'
/etc/openvpn/ccd/client1:
ifconfig-push 192.168.3.201 255.255.255.0
And the client config file is as follows:
client
dev tap
proto tcp-client
remote my.domain 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
verb 3
comp-lzo no
He can successfully connect to my server; however, he cannot ping my router or my computer and cannot access the internet. I noticed that, in the connection detail page of his OpenVPN connection, the DHCP server address is wrong:
I believe this should be 192.168.3.1, which is the local address of my router, although I am not sure if this is the cause of him not being able to ping my router and computer and not being able to access the internet after connecting to my server. And in his log it shows this line:
2023-07-05 17:37:43 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.3.201/255.255.255.0 on interface {CB53E94D-0218-4BFD-A8F2-B1C8F06E8D92} [DHCP-serv: 192.168.3.0, lease-time: 31536000]
I don't see anywhere that I pushed 192.168.3.0 as the DHCP server address to him, but he always gets this.
Does anyone know what I did wrong and how I can fix it? Or what more information/logs should I look for?
Thanks!