Nethserver 7.8.2003 OpenVPN / Roadwarrior issues

They disabled that option in their implementation, as far as I can see I cannot change between modem and bridge mode. I have DMZ turned on right now and a static IP reserved for Nethserver’s WAN and that IP is set to DMZ. I’m still facing the same issue.

Actually. It is in modem mode right now, not even set to bridge. Bridge would disable the WIFI functionalities. Something I can’t test at the moment because others are currently using it.

Maybe it’s too much to port forward all AND set DMZ host?

You may try bridged instead of routed VPN mode if you don’t need Android clients.

I’ll try to disable DMZ and use port forward first and vice versa see what happens. I may try bridged but I have to admit, it would have been nice to be able to use my Android devices to connect.

I tried with just DMZ, doesn’t work (unable to connect). I disabled DMZ and used Port Forwarding and I got back to where I was before.

Just one thing about the Static Route, if I find a way to do this, I have to route 10.0.0.5 to my Nethserver’s Gateway correct (192.168.20.1)? 10.0.0.5 being the IP attributed to Nethserver’s WAN?

You need to route the vpn network to the Nethserver but this is usually only needed when Neth is not the gateway.

  1. I see, so basically I would tell the ISP modem / router to route anything coming in for 10.168.20.0/24 (VPN Network) to 192.168.20.1 which is my LAN?

  2. And when you say Neth is not the gateway, I presume you mean not the first gateway after the internet (WAN)?

@tessierp

Markus means “Not the gateway”, that your NethServer is set up with only one NIC.
If you use 2 NICs, then your “2” is correct…

My 2 cents
Andy

1 Like

Remove the lzo compression (and regenerate and redistribute configuration files for users).

It had some security issues and, from what I understand, is deprecated.

https://community.openvpn.net/openvpn/wiki/DeprecatedOptions#Option:--comp-lzo

https://community.openvpn.net/openvpn/wiki/VORACLE
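An added example, not part of the original thread or of NethServer: a small Python check that lists compression directives still present in an OpenVPN configuration, so that regenerated server and client files can be confirmed free of `comp-lzo` before they are redistributed. The function name and the sample configuration are constructed for illustration.

```python
import shlex

# OpenVPN directives that enable or negotiate compression.
COMPRESSION_DIRECTIVES = {"comp-lzo", "compress", "comp-noadapt"}

# Constructed sample, not the poster's configuration.
SAMPLE_SERVER_CONF = """\
# roadwarrior server (constructed sample)
port 1194
proto udp
dev tun
comp-lzo adaptive
push "comp-lzo adaptive"
;compress lz4
cipher AES-256-GCM
"""

def find_compression(config_text):
    """Return (line_no, source, directive) for every compression setting.

    source is "local" for a directive set in the file itself and
    "pushed" for one the server sends to clients via push "...".
    """
    findings = []
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        # OpenVPN treats lines starting with '#' or ';' as comments.
        if not line or line.startswith(("#", ";")):
            continue
        try:
            tokens = shlex.split(line, comments=True)
        except ValueError:  # unbalanced quote: fall back to a plain split
            tokens = line.split()
        source = "local"
        if len(tokens) > 1 and tokens[0] == "push":
            # push "comp-lzo adaptive" carries the directive as one quoted token
            source, tokens = "pushed", tokens[1].split()
        if tokens and tokens[0] in COMPRESSION_DIRECTIVES:
            findings.append((line_no, source, " ".join(tokens)))
    return findings

if __name__ == "__main__":
    for line_no, source, directive in find_compression(SAMPLE_SERVER_CONF):
        print(f"line {line_no}: {source} compression directive: {directive}")
```

A pushed directive matters as much as a local one: the server file can look clean while clients are still told to compress.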

Yes that is what I meant. That system has 3 NICs, 1 not being used at the moment.

Did you end up going with LZ4?

I also did find some documentation that explains regarding static routes and it is a bit my scenario. My ISP router / firewall doesn’t know about my VPN Network.

https://www.tp-link.com/ca/support/faq/560/

Just thought I would update for those who have been following, after re-configuring my ISP to bridge modem (since it didn’t offer Static Routing) I got it to work. The only difference is I removed Compression LZO to disabled since someone reported it was deprecated.

Thanks to everyone for their help!

As soon as I have a minute I’ll make a final post with my settings and what I have done in case this could help someone in the future.

1 Like

Here is my final config with my ISP router basically in bridge mode (MODEM only). If ever you would like to keep your router in Modem + Firewall + Router, you will need to do as @mrmarkuz suggested and define yourself a static route from your ISP’s router to point to your VPN network. Unfortunately mine didn’t have that and they didn’t foresee doing it in the future leaving me with no other choice but to change it in bridge mode which solved all my problems.

The config is as follows:


[Image: openvpn_config2]

1 Like