NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

NG_LostMyAcct's avatar
NG_LostMyAcct
Tutor
Jun 25, 2023

RBR850 Can't get VPN to work

  Hi - I am trying to get my Netgear Orbi RBR850 embedded OpenVPN up and running. I am running the OpenVPN GUI on a Windows 11 PC that will be running 24/7.   My RBR850 is running firmware v4.6...
  • NG_LostMyAcct's avatar
    NG_LostMyAcct
    Tutor
    Jun 29, 2023

    OK, I made a little (but only a very little) progress.

     

    I figured out that I needed to connect to my Orbi outside of my LAN to test the VPN (this makes sense, it's probably the network equivalent of trying to look inside your head).

     

    Anyways, when I tried connecting to my Orbi VPN with my Android cell phone using the cellular network, I was able to establish a connection to my Orbi VPN.

     

    However, once the VPN link was established, it was INSANELY slow - like, slower than dial up speeds (1 kbps or slower).

     

    Trying to do multiple speedtest.net tests, all failed due to time-outs.

     

    What do I need to do to have my Orbi act as the gateway to the internet for my VPN connection from my phone?

    • CrimpOn's avatar
      CrimpOn
      Guru - Experienced User
      Jun 29, 2023
      NG_LostMyAcct wrote:

      What do I need to do to have my Orbi act as the gateway to the internet for my VPN connection from my phone?

      Perhaps I misunderstand, but there appear to be two distinct issues:

      • Enabling OpenVPN Host on the RBR850 router.
      • Using the RBR850 as an internet gateway for a cell phone connection.

      Each specific DDNS provider has a unique method of keeping their DDNS entries synchronized with changes in the public IP address of the host system. Netgear has programmed the Orbi to be compatible with only three DDNS providers:

      These are the only DDNS providers that will remain synchronized.  The comment about xyz.ddns.net appears inconsistent with this basic situation.  (Perhaps I misunderstand.)

       

      Yes, the only method to verify that OpenVPN is working is to connect to the Orbi through the internet.  My practice appears to be similar to yours:

      • Disconnect my cell phone from the Orbi WiFi network and use LTE data.
      • Enable OpenVPN on the cell phone (mine is Android) and verify that the connection opens correctly.  Open a web browser and verify that the Orbi router web interface opens at 192.168.1.1.  Use some other network tools to verify that the 192.168.1.x network is available.
      • On the Orbi web interface, verify that the cell phone appears as a "VPN" connection type (rather than wired or WiFi).
      • Shut off the cell phone OpenVPN.
      • Create a WiFi Hot Spot on the cell phone.
      • Connect the laptop to the Hot Spot.
      • Enable OpenVPN on the laptop and verify that it connects and functions correctly.

      Netgear includes OpenVPN Host in routers to enable customers to access their home network when not at home.  Yes, there is an option to allow devices connected via VPN to "access the internet" and some customers make use of this feature. (Often to present the appearance of connecting to internet resources from their home location when they are not at that location.)  Although the VPN connection between cell phone (or laptop) and the Orbi is encrypted, the connection between Orbi and the internet is "whatever it is".  i.e., if you access a plain http web site, it is not encrypted.

       

      Of course, every transmission has to go through a torturous pathway:

      • Laptop or cell phone through the internet to the Orbi.
      • Orbi out to the internet.
      • Internet back to the Orbi.
      • Orbi back through the internet to the cell phone or laptop.

      I would prefer to get rid of all that and go directly that whatever internet resource I need.  If encryption is desired, install a commercial VPN on the cell phone or laptop and be done with it.

       

      (That said, what I would do it not relevant.)

       

      What it sounds like is:

      • You got OpenVPN working on the Orbi, and
      • Performance through the Verizon 5G Home Internet sucks when everything has go pass through four times.
      • NG_LostMyAcct's avatar
        NG_LostMyAcct
        Tutor
        Jun 29, 2023

        Hi, CrimpOn - Thanks for replying back, this has been driving me nuts.

         

        The pathway to access the internet through the Orbi VPN tunnel shouldn't be considered "tortuous", though a small amount of loss due to VPN protocol overhead is of course expected. The route you listed is exactly the same route that every commercial VPN provides, and typically I see 5% or less bandwidth loss with the commercial VPNs that I have used in the past. I have a 300+ Mbps down / 20+ Mbps up ISP, but when I have the Orbi configured to act as an Internet access VPN, my bandwidth drops to single-digit kbps rates (more likely, 0.00 kbps). Obviously, this is not operating properly.

         

        However, my Android OpenVPN Connect app does show an assigned IP address within the LAN network's IP range, so something is working right. I am also able to ping my LAN's gateway IP address fine.


        Since the Orbi VPN is supposed to allow communication to my home LAN (as a minimum), I tried the following experiment: With the VPN disabled and my phone on the LAN via WiFi, I was able to transfer files from my NAS to my phone via SMB at a 280 Mbps data rate. But, when I tried to connect to the NAS when the Orbi VPN was enabled on my phone, my phone failed to login to the NAS - again, indicating that the Orbi VPN isn't working as advertised.