Want to VPN but running into NAT clash

Ali_206 · Sep 12, 2017

Hi everyone,

So the set up I have at home currently is;

Virgin Hub 3.0 in router mode Connected to two routers (ASUS and TP-Link), both of which are in access point mode with DCHP off.

ASUS <------- Virgin Hub --------> TP Link

Now I want to set up a VPN through my ASUS router only. This cant be done in AP mode so I need to turn the ASUS into router mode. With the ASUS in router mode, the NAT obviously clashes with the Virgin Hub which is also in router mode so the VPN doesnt work. In order to resolve this, I want to put the Virgin Hub into Modem mode and then the ASUS in router mode, but then how do I connect the TP link? The TP link would need to be connected in router mode too, meaning it will clash with the ASUS in assigning ip's.

Is there a way I can set this up so that I can configure my ASUS with VPN, while leaving the rest of the network (TP Link) unaffected?

Thanks in advance sorry if this is unclear

bill001g · Sep 12, 2017

So what problem does having 2 NAT cause for you. Devices connected to the ASUS will go via the vpn tunnel. The only traffic between the Asus and virgin device will be the vpn traffic with all the devices traffic hidden inside.

Ali_206 · Sep 12, 2017

bill001g :

I get the error

Noted: If the wireless is using a private WAN IP address (192.168.x.x, 10.x.x.x, or 172.16.x.x), this router may under a multi-layer NAT network. The DDNS service is not able to work under this environment.

So this doesnt work

bill001g · Sep 12, 2017

You should not need DDNS for a VPN router. The only restriction will be you can't have the wan and lan on the same ip block. That should not matter since all the machine on the asus will only use the vpn anyway.

Ali_206 · Sep 12, 2017

bill001g :

Thanks for the reply! Are you suggesting there is something in the settings I should change? If i dont need DDNS how should i reconfigure my router? Also why is it showing this error
"Noted: If the wireless is using a private WAN IP address (192.168.x.x, 10.x.x.x, or 172.16.x.x), this router may under a multi-layer NAT network. The DDNS service is not able to work under this environment". Is that not because i have connected router to router?

bill001g · Sep 12, 2017

I have no idea what is producing that message I have never seen it.

Try to wipe the router config. Change the LAN ip to something that is different that is different than the virgin lan ips. Then hook the wan port to the virgin device and you at that point should be able to run a pc behind it.

After that works configure the VPN.

Now if what you mean by VPN is you are trying to get remote access to you house when you are away that requires a different setup than building a VPN to some vpn service provider.

Ali_206 · Sep 12, 2017

bill001g :

I am running my pc at the back off the current setup I have.
The IP of the router is different to the IP of the virgin media hub.

The issue I am having is configuring a VPN through the ASUSWRT. I go to VPN and I get the error message above.
After googling that error message the consensus seems to be its because I have connected router to router so I am having the double NAT problem. This is preventing me from tunneling through a VPN

bill001g · Sep 12, 2017

I am running that exact configuration and it works fine. You do not use the VPN server settings. You want to setup vpn clients.

Ali_206 · Sep 12, 2017

bill001g :

I appreciate your support.
Please try to spot where I'm going wrong. I'll try to list my set up as detailed as poss.

Virgin Media Hub (Set in Router Mode)
II
ASUS Router (Set in Router mode because I want to set up VPN on the router)

Internet works fine

I try to set up a vpn i purchased from nord VPN. They provided me instructions on how to set up vpn on ASUS.

- I enter my Asus WRT.
- On the left side under Advanced Settings I click on "VPN"
- I click on "VPN Client"
- I set up the details given to me by norn VPN
- It constantly tries to connect without ever connecting.
- I flick back to "VPN Server"
- I see the error message "The wireless router currently uses a private WAN IP address (192.168.x.x, 10.x.x.x, or 172.16.x.x). Please configure DDNS service before starting the VPN server"
- I try to configure the DDNS service but I get the error "The wireless router currently uses a private WAN IP address (192.168.x.x, 10,x,x,x, or 172.16.x.x).This router may be in the multiple-NAT environment and DDNS service cannot work in this environment."

So my VPN server needs me to configure DDNS. But I cant do this because of Double NAT apparently.

Is this the same set up you have? If so, how have you configured your routers and your VPN?
I know the solution is to put the first router in Bridge mode but I cant do this. Is there anything else I can do?

Thanks in advance

bill001g · Sep 12, 2017

It makes no difference if your main router is bridge or not when you run client mode.

You need to completely ignore the server panel. It is only use if YOU are going to act as a server to a remote device. You are doing the reverse.

Try to follow this exactly. Asus merlin is one of the better supported routers

https://nordvpn.com/tutorials/asustwrt-merlin/openvpn/

I do not use that vpn provider but most the large ones have the configuration files you can download. It is basically a sample configuration that will configure most the options.

Ali_206 · Sep 13, 2017

bill001g :

My router does not support openvpn but it does have support for PPTP. I followed the instructions from nordvpn (https://nordvpn.com/tutorials/asuswrt/pptp/).

bill001g · Sep 13, 2017

PPTP should preform better but does not work for some people...main router must support vpn pass-through

Merlin does support openvpn those are exact screen shots from the merlin image.

Search

Want to VPN but running into NAT clash

Ali_206

Reputable

bill001g

bill001g

Titan

Ali_206

Reputable

bill001g

Titan

Ali_206

Reputable

bill001g

Titan

Ali_206

Reputable

bill001g

Titan

Ali_206

Reputable

bill001g

Titan

Ali_206

Reputable

bill001g

Titan

TRENDING THREADS

Latest posts

Moderators online

Share this page