OpenVPN Revisited, Still Not Working

[EXCellR8]

Installed OpenVPN on my Untangle router at home and exported the profile/keys but I still cannot connect to it from my workplace. When I go to connect it just hangs up and never actually goes through. I have a couple of questions, though...

So, say my Untangle router at home is behind a TP link modem and uses a typical static IP of 192.168.1.1 and my static IPv4 address is 75.XXX.XXX.XXX or whatever from my ISP. When I configured the ports on the router (UDP 1194) what should be the forwarded address? Is that the pool of IPv4 addresses that the OpenVPN server is reserving or is it the IP of a device on my local network? I'm confused and shouldn't be, admittedly. NAT is also enabled by default so could that be what's messing this up?

I basically just want to use RDP and SSH but I can never get this to work. I also disabled all of my firewalls and it still doesn't take.

 

[ch33zw1z]

In the tplink, you forward insert_port_here to the untangle routers IP on the tplink network with port 1194

Example, tplink giving out 192.168.1.x, untangle router is IP .100, and using default port 1194 for the access in thru the tplink

Type UDP
Source port: 1194
Destination port: 1194
Destination IP: 192.168.1.100

Please make sure you're giving the untangle router a static IP that's not inside the tplinks DHCP range. Source port to allow access thru tplink can be anything, just don't pick the default for a different service...

VPN client would hit WAN_IP:1194, and it would be forwarded to untangle device.

If you made the incoming port(source)20,000....access would be with WAN_IP:20000

 

[EXCellR8]

Thanks for the input.

I'll have a better look at the modem tonight but the untangle router also handles the DHCP on the network with devices 192.168.1.100/24 so I think that's where I'm confused.

If the modem can also act as a DHCP server it's probably disabled... but I figured it was just another static entry but I'll check its LAN address.

 

[ch33zw1z]

Ok, my apologies, I read it wrong. Please confirm what model the tplink device is, and my advice may change. Also, what are you using for untangle, ie what hardware.

 

[EXCellR8]

No worries, the modem is the TC-7610 which is pretty run-of-the-mill but I do like it better than my ISP's gateway.
Untangle x86 is installed on a Atom 525 based Jetway NF9HQL board with 2GB DDR3 and 4x LAN ports.

 

[ch33zw1z]

Have you gone through this page for your setup?

https://wiki.untangle.com/index.php/OpenVPN

So based on what you have, disregard my previous post. I was replying thinking you had two routers in the mix.

Check out the link and see what you can compare to.

 

[EXCellR8]

Yep, that's what I used to set it up initially... but I may have overlooked something so I'll pass through it again.

I think I'm getting the "Remote Network" and "Exported Network" confused. To my understanding the Remote Network is only for site-to-site VPN or do I need to that configured if the only server is on my end (at home)? I get that the Exported Network is the local network at home that should be connectable remotely but I'm still not sure about the port forwarding.

I've tried installing the OpenVPN server on a client of my router, instead of the router itself, but I could never get it to work.

 

[ch33zw1z]

I've tried installing the OpenVPN server on a client of my router, instead of the router itself, but I could never get it to work.

What's this mean?

 

[EXCellR8]

I installed and tried to create the connection manually on a Windows machine behind the router instead of the router itself but it never worked.

 

[ch33zw1z]

I see.

The guide looks pretty thorough. Without posting pictures of config screens, there's not much else I can do. I may just spin up a untangle vm and see if I can get it to work.

What's your general config? Based on the documentation, for a standard client connection, both remote network and exported network aren't used