Discussion stats
  • 23 replies
  • 5203 views
  • 2 kudos
  • 8 in conversation
Announcements

Top Contributors
Reply
Highlighted
Apprentice

R8500 VPN with iOS device - IP in different Lan range can't communicate with home network devices =(

Im currently on the latest firmware V1.0.2.86_1.0.75 and I've found an old topic about this that seems to be still happening (https://community.netgear.com/t5/Nighthawk-WiFi-Routers/R7000-VPN-with-iOS-device-IP-in-subnet-192-1...) except my ips for my iOS devices are 192.168.255.0 not 254, however everything else is the same.. I can't seem to access local home network devices on the VPN yet I could type in safari 192.168.1.1 and access the router while on my VPN and while im on LTE.. This really needs to be fixed cause theres no point of a VPN if you cant access you home network lol I also notice that I can't connect to my VPN while im on my home network such as connected to Wifi of my home router or ethernet.. it just times out idk if that has something to do with the fact that im using dynamic dns.. however once I leave my Home Wifi and switch to LTE it connects fine it just doesn't allow me to access my home devices..

 

 

Model: R8500|Nighthawk X8 Tri-Band AC5300 WiFi Router
Message 1 of 24
Highlighted
Prodigy

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

what services are u using to access your LAN network? make sure remote access on that specific services is allowed on those LAN devices. 

Message 2 of 24
Highlighted
Aspirant

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

I've having a similar issue and can't find an answer....I've got an R7000 Nighthawk configured for VPN using Open VPN on my iPhone/iPad.  (I want to be able to watch my cable app while I'm on vacation.)  I'm connecting via VPN successfully, however, when I attempt to watch my cable app, it tells me that I'm away from home.  From other threads I've seen, I believe I may need to add a static route so that my router recognizes the OpenVPN traffic from my iPad but I can't get it to work.  I've added a static route using Destination IP 192.168.254.0, IP Subnet Mask 255.255.255.0, Gateway IP 192.168.1.1 and Metric value of 2.  My firmware is V1.0.7.6_1.1.99.  Any ideas on what I can try?  I also have a port forwarding rule set up with Protocol TCP/UDP, External Port Range 1194, Internal IP Address mapped to my laptop where the VPN server is running.

Message 3 of 24
Highlighted
Apprentice

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Yeah I have no idea. Honestly to me Netgear setup iOS VPN Pointlessly lol
Message 4 of 24
Highlighted
Tutor

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

the r7000 is my first, and last, netgear product.

Message 5 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Has this issue been resolved? I have an R7000 and seems it has a similar issue. This problem was discussed but I see no resolution and tech support on here seems to be running away rather than adressing it. 

Message 6 of 24
Highlighted
Aspirant

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Zero resolutions and it's still a huge nuisance to me.  I've Googled many sites and tried what seems like hundreds of things to no avail.

Message 7 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Thats not good to hear. I want to set up OpenVPN but now feel its a waste of time.

 

 

Tried this?

 https://kb.netgear.com/29783/How-do-I-use-VPN-service-on-my-Nighthawk-router-with-my-Android-device?...

 

Have you called support?

 

Posted on Amazon reviews and see if Negear for fear ot lost sales respond there?

 

 

Message 8 of 24
Highlighted
Aspirant

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

To be clear, I actually do have OpenVPN up and working with my Apple devices.  When I'm out of the country on vacation I can listen to my Pandora, etc.  My issue remains that my Apple devices aren't recognized as a local device on my network, so if I'm trying to stream my cable or something it won't work.

 

I haven't contacted Netgear's support because I'm out of warranty and they charge something crazy like $90/hour!

Message 9 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Sorry I am a novice at this. My interest in using OpenVPN is so I don't have to run some IP cams using UPNP. 

 

So what you are saying is your Apple phone and tablet are not recognized as local to your home router. 

 

But how is it that an app on your Apple phone or tablet works oversease if the device it self is basically run on a foreign network and not your home network?

Message 10 of 24
Highlighted
Aspirant

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

With the OpenVPN app on my iPhone/iPad, when I connect to my home laptop which acts as my server, my Apple device is assigned an IP address which is domestic (US-based).  It just isn't within the range of my local network. 

Message 11 of 24
Highlighted
NETGEAR Employee Retired

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

What settings do you have under "Clients will use this VPN connection to access?" Is it in Auto or All sites on the Internet & Home Network?

ElaineM
NETGEAR Community Team
Message 12 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Can you elaborate on the inplication of choosing one or the other setting? Thanks.

Message 13 of 24
Highlighted
NETGEAR Employee Retired

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

This option let's you access your resources in Home Network only and or with Internet access.

Can you guys try to regenerate the configuration package and try to set up the VPN once again? 

 

ElaineM
NETGEAR Community Team
Message 14 of 24
Highlighted
Aspirant

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Mine has been set to All sites on the Internet & Home Network the entire time.  I have a port forwarding rule set up for port 1194.  Again, my VPN service connects successfully but my iPhone/iPad is assigned an IP address that is never forwarded successfully to an IP within my local network range, so it appears to my services that I'm outside of my home network.

Message 15 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Elaine, it would be nice if you could resolve rlefranc42's problem so that I and countless others gain some confidence in Netgear again. I am an Android user but seeing it work on IOS will help me tremendously.

 

BTW I am checking frequently to here see Netgear's answer to this problem. 

Message 16 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Am waiting 4/28/2017

Message 17 of 24
Highlighted
Tutor

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Yeah, mine is setup for full tunnel (all traffic), and my portable devices are issued IPs on a different subnet, not that of my routers internal subnet.  I think the problem resides with TAP vs TUN connections.  On a Windows PC, which is using TAP, there is not issue.  On my android device, which uses TUN, the issue is present. 

Message 18 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Onus is on Netgear to respond to us

May 1, 2017

Message 19 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Troco, this is when you are on Android WIFI and celluar (mobile data)?

Message 20 of 24
Highlighted
Tutor

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

I believe it was for either, whether I was using 4g/LTE or on a wifi connection.  I actually turned off the VPN feature, as it's about as reliable as a wet paper bag carrying 2 gallons of milk. Security sucks as well as there's no method for 2fa or authentication.  I can do some testing again tonight and get back with you.

Message 21 of 24
Highlighted
Virtuoso

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

Onus is still on Netgear to respond.

 

BTW for all customers to Netgear. Stop running from the problem. If you are incompetent then resign from your job or seek internal assistance. We need help. Its been 4 days. Disappearing is interpreted as you are eitehr too lazy and/or incompetent. Want competent help to a longstanding problem. You have 2 more business days then I rip Netgears heart out with a BBB complaint. The complaint will point to the lack of assistance on this board and specifically the tech running away.

Message 22 of 24
Highlighted
Guru

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

I believe troco is correct.  The issue with Android and iOS is that they only support TUN interfaces, not TAP.  TUN interfaces are layer 3 interfaces and have their own IP addresses that are on a different subnet than the home subnet.  Traffic from Android and iOS will always appear to be coming from the TUN's IP address.  

 

Contrast this with a TAP interface, which is a layer 2 interface.  Devices using TAP will appear to be on the home subnet.

 

BTW, you can't blame Netgear for this.  Blame Android and iOS.

 

Some supporting references:

From Netgear's forum: R7000 VPN Service TAP or TUN

From OpenVPN Connect iOS FAQ: Look for Why doesn't the app support tap-style tunnels?

 

The above also explains rlefranc42's problem.

 

GearNetRouter's problem may be different.  Many people often overlook an important requirement, which is that the remote device's real IP address cannot be in the home subnet.  It's mentioned in the manual:

 

For the VPN tunnel to work, the local LAN IP address of the remote router must use a different LAN IP scheme from that of the local LAN where your VPN client computer is connected. If both networks use the same LAN IP scheme, when the VPN tunnel is established, you cannot access your home router or your home network with the OpenVPN software.

 

While this may not necessarily be what's plaguing GearNetRouter, it is one possible cause, so please insure that this is not the case.  Given that most routers use 192.168.1.x/255.255.255.0 for their subnet, it's surprisingly common for the above requirement to be violated.  Attempting to access your home network from a friend's house configured with the same subnet will fail.

 

The other possibility is that devices in your home network need to be configured to point at the router as the default gateway.  If the default gateway is not set or pointing at another router, then traffic going to the remote device will never make it.  This is a rare situation, so most people won't experience it.  Someone who uses static IP addresses, a third-party DHCP server or multiple routers could run into this problem.

Message 23 of 24
Highlighted
Aspirant

Re: R8500 VPN with iOS device - IP in different Lan range can't communicate with home network device

D7000

Firmware Version
V1.0.1.50_1.0.1

Same issue with LAN not reachable. I followed all the suggestions..

I manually changed the server.conf to avoid the noncanonical route problem (other posts).
I did lot of troubleshooting and by tcpdumping on the router I noticed that in the same config 
(TUN, client 192.168.2.2/24, gw 192.168.2.1- router/gw 192.168.6.1/24) when i issue a ping  or http from the client to an IP inside the lan (e.g. 192.168.6.100) it reaches the router (i can see the dump on tun0, but it never goes out on any of the ETH interfaces.
I've tried to see if IPTABLES is dropping the packet but doesn't seem to (i'm not so expert with Iptables though..). Also on the client tcpdump show that the packet never reaches the destination. 
Seems like the router is not able to forward the packet from tun0 to ethxx...even if the router's routing table shows of course the right routes and even arp tables have got the mac of the serever in the lan. Instead if i ping the client from the router it is successful.
It should be really straightforward, i can't understand why this issue is open since so long


 

 

Model: R6700v2|Nighthawk AC1750 Smart WiFi Router,R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 24 of 24