NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

ErikSFRFR's avatar
ErikSFRFR
Aspirant
Dec 27, 2023

Orbi RBS850 VPN Client Devices Cannot Access LAN

I'm struggling to setup my VPN such that I can access the devices on my LAN.  I'm using OpenVPN and No-IP for my dynamic DNS.   I have downloaded the OpenVPN configuration to my phone with the sett...
CrimpOn's avatar
CrimpOn
Guru - Experienced User
Dec 28, 2023
ErikSFRFR wrote:

One thing I noticed is that the client device joins on a separate subnet 245.XXX vs. the rest of the devices on my LAN which are on 1.XXX

Is this a typo?  I have OpenVPN installed on an RBR750 and (because I'm using Windows) can connect with either tap or tun method:

  • tap puts me on the same IP subnet as the LAN, which in this case is 10.0.0.x  (When an Orbi router is connected to a router that has created 192.168.1.x for the LAN subnet, then the Orbi creates 10.0.0.x  Strange behavior, but that's what it does.)
  • tun (tunnel) puts me on the 192.168.254.x subnet.  Since my PC is the only device connected by VPN right this minute, it got assigned 192.168.254.2  (192.168.254.1 is the LAN IP of the Orbi RBR750.)

Windows appears to be the only operating system that supports tap connections, and only with OpenVPN version 2.  Everybody else (Android and Apple smartphones, Macs, etc.) supports only tun connections, and OpenVPN version 3 has dropped tap for Windows.

 

 

  • ErikSFRFR's avatar
    ErikSFRFR
    Aspirant
    Dec 28, 2023

    You are right  - it is 254.XXX not 245.XXX - I made a typo there.

     

    Any thoughts on how to proceed?

    • CrimpOn's avatar
      CrimpOn
      Guru - Experienced User
      Dec 28, 2023

      This is where I am stumped. All of my Internet of Things (IoT) devices (cameras, smart plugs, etc.) function by the device itself opening a connection to the vendor 'cloud'.  When my smartphone or tablet app tries to access one of them, the app opens a connection to the cloud and says, "connect me to <whatever>". The cloud knows from my login credentials which devices belong to me, finds the connection in a database, and hooks me up.  Doesn't seem to matter if I am connected directly to the LAN or am "away somewhere".

       

      It has been established that the smartphone can connect to a camera on the LAN by using the camera IP address. That means the router knows how to transfer packets from devices on the LAN to/from devices connected over VPN.  My sense is that anything based on a broadcast is doomed to fail.  (such as "any cameras out there?.... anybody?)

       

      That it worked before and no longer works, is a puzzle.

      • ErikSFRFR's avatar
        ErikSFRFR
        Aspirant
        Dec 28, 2023

        I'm certain that the connection can be made without access to the internet for my devices (just the LAN) - at least when I am on wifi. What I can't figure out is how to get my VPN devices to actually appear on the network.

         

        For my mac, I previously used Tunnelblick but I can't seem to get that to work anymore. Now with my M2 mac I am running the same Open VPN configuration as my phone. Again I am able to connect to the network but as I mentioned I can't see the other devices on the network as I could previously.