How to access a server behind a router using DDNS after OpenVPN client is connected?

[DigiGoon]

Hello guys, I hope you are all doing fine, and I hope that I'm at the right place for this question.

 

So, my question(elaborated) as stated above is that:

How to access a home server sitting behind my router(ASUS RT-AC51U), using DDNS(ZoneEdit-Inbuilt DDNS service of my router) while I'm connected to a VPN server via OpenVPN client of the router itself?

 

WHEN NOT CONNECTED TO VPN SERVER VIA OPENVPN CLIENT OF THE SERVER:

I have a home server running with a local IP of 192.168.1.100, I have enabled port forwarding for this IP in my Asus router. So, when I access my DDNS Host Name i.e http://example.com, I get the website hosted at my local server(192.168.1.100) whose public IP is the IP address of my WAN which has PPPoE as connection type.

 

WHEN CONNECTED TO VPN SERVER VIA OPENVPN CLIENT OF THE SERVER:

I have a home server running with a local IP of 192.168.1.100, I have enabled port forwarding for this IP in my Asus router. So, when I access my DDNS Host Name i.e http://example.com,I do not get the website hosted  at my local server(192.168.1.100) instead I just get ERR_CONNECTION_REFUSED, if I'm outside the network of my router. But if I'm accessing DDNS Host Name or my WAN IP within the network of my router, then I get the website running fine.

 

So basically I want to know that what should I do in order to pass the Home server IP(192.168.1.100) through the WAN instead of VPN?

 

PLEASE ASK FOR MORE INFO IF NEEDED.

 

Thanks & Regards,

DigiGoon

[zMeul]

I don't understand something, are you trying to access the local machine throgh port forwarding but from the machine you VPNed into? or is it from a machine totally outside but the VPN is active?

[DigiGoon]

11 minutes ago, zMeul said:

I don't understand something, are you trying to access the local machine throgh port forwarding but from the machine you VPNed into? or is it from a machine totally outside but the VPN is active?

 

 

Okay let me try to explain, this is my home network structure:

WAN IP ----> ASUS Router ----> Clients & My Home Server.

 

And the ASUS Router has a OpenVPN client built in, so if I connect to a VPN server via that OpenVPN client then my every client which is connected to the Asus Router gets VPNed.

So basically after VPN is active my structure is like this if I want to access the local home server:

VPN IP ----> WAN IP ----> Asus Router ----> Clients & My Home Server.

 

So in the first case when I'm not connected to VPN then the public IP I get is my WAN IP. And through that I can access my Home server as I have enabled port forwarding to it.

 

But in second case the public IP I get is the IP of VPN server, so if I try to access the home server via my WAN IP, I can't do that as the DDNS host name is stuck to my WAN IP, but if anyone accesses it they'll get my VPN server's IP which is not connected to any DDNS host name.

 

I hope this is clear. Ask again if you didn't understand.

 

                                                                

 

[zMeul]

no, it didn't made it clearer 

 

when you VPN in, the notion of WAN IP does not exist anymore as your client VPN will be of the same class as your local (home) - your VPN client will be practically part of your home network; that's the point of the VPN

to search for the local machine your server is you just type it just like you would be home - depends on the type of OVPN you chose (TAP or TUN, forgot which does what)

 

with VPN off: [random internet IP] - WAN ( [router] <-> [local network] )

with VPN on: ( [VPN client] <-> [router / VPN server] <-> [local network] )

 

the issue I haven't tested is what happens when the VPN tunnel is active and trying to access the forwarded machine from a point that's not inside the VPN nor from local network

 

---

 

I played a bit with OVPN but I found that the transfer speeds are horrific at best compared to just FTPing in from outside

[DigiGoon]

10 minutes ago, zMeul said:

the issue I haven't tested is what happens when the VPN tunnel is active and trying to access the forwarded machine from a point that's not inside the VPN nor from local network

 

 

1

The issue when accessing the forwarded machine from a point outside the VPN and Local Network is that I can't access the machine.

But from a point inside the VPN or Local Network, I can access it fully.

But again, when I turn off the VPN client, I can access the forwarded machine from anywhere(Outside the local network as well as from inside the local network.)

10 minutes ago, zMeul said:

when you VPN in, the notion of WAN IP does not exist anymore as your client VPN will be of the same class as your local (home) - your VPN client will be practically part of your home network; that's the point of the VPN

to search for the local machine your server is you just type it just like you would be home

 

 

 

Yes, exactly. I was just trying to elaborate it, like what the structure is like.

 

Clearer now??

[zMeul]

ok, I did some basic research

from what I found: once the VPN tunel is active, it replaces the user created routes with the VPN ones - basically, when VPN is active, all forwarding rules are ignored

 

some people suggest using custom firmware with added custom scripts - if you are in that kind of stuff .. good luck 

[DigiGoon]

3 minutes ago, zMeul said:

ok, I did some basic research

from what I found: once the VPN tunel is active, it replaces the user created routes with the VPN ones - basically, when VPN is active, all forwarding rules are ignored

 

some people suggest using custom firmware with added custom scripts - if you are in that kind of stuff .. good luck 

 

 

I'm into that kind of stuff, but unfortunately there are no custom firmware available for my particular router(Asus RT-AC51U). That's why I came here.

[zMeul]

5 minutes ago, DigiGoon said:

no custom firmware available for my particular router(Asus RT-AC51U)

https://bitbucket.org/padavan/rt-n56u/wiki/EN/CommonTips

 

Padavan is currently the only custom FW

[DigiGoon]

1 minute ago, zMeul said:

https://bitbucket.org/padavan/rt-n56u/wiki/EN/CommonTips

Unstable, frequently disconnects in WLAN and LAN.

Been there, done that.

[zMeul]

well ... the ARM Broadcom CPUs are more modder friendly

 

why not build your own PFSense box?

[DigiGoon]

1 minute ago, zMeul said:

well ... the ARM Broadcom CPUs are more modder friendly

 

why not build your own PFSense box?

 

Due to lack of hardware and bucks.

But since you mentioned that, I think I might have an old laptop somewhere.

But still, I would more likely keep my current network structure.

[DigiGoon]

Other experts, please shed some light here.

I can't use pfSense box too in my network.

Is it possible to add some routing to the VPN server?