Page 1 of 1
OPENVPN forward on a NEXQ6GO
Posted: Tue Aug 03, 2021 8:41 pm
by derekjsmith
Solved:
https://wirelessjoint.com/viewtopic.php?f=8& ... 089#p20270
I'm having issues setting up a OPENVPN server forward. I've got a TP-Link TL-R605 setup with OPENVPN running. I'm able to connect locally but not remotely. I've setup firewall exceptions for forwarding UDP/1194 from EXT to LAN which has fixed IP for the TL-R605 and also setup a DDNS which reports the external IP address correctly. I'm however not able to get a firewall forward from the external network 174.204.71.XXX in this case Verizon wireless to my local network 192.168.1.XXX. I think I'm either not setting up the firewall forward on the NEXQ6GO correctly or Verizon is blocking inbound UDP/1194. Anyone else have an issue setting up a VPN server using Verizon as the carrier. Not that it should matter but am running the latest firmware and the modem is a EM12G,
Re: OPENVPN forward on a NEXQ6GO
Posted: Thu Aug 05, 2021 7:41 pm
by derekjsmith
More info. As a test I've added ICMP (Ping) to the firewall exceptions for the WAN->LAN and still not getting through. So I guess it's my lack of understanding on setting up this firewall. Or Verizon blocks all in-bound traffic.
Re: OPENVPN forward on a NEXQ6GO
Posted: Fri Aug 06, 2021 3:24 pm
by Didneywhorl
Hopefully someone chimes in, I'm no good on VPN anything. Someday I'll sit down and figure it all out.
The NEXQ6GOs firewall is a stock firewall setup from openWRT, you may have some resources there.
The makers of the firmware are Goldenorb/rooter:
https://ofmodemsandmen.com
Re: OPENVPN forward on a NEXQ6GO
Posted: Fri Aug 06, 2021 3:50 pm
by derekjsmith
Thanks, I've looked around on ModemsAndMen but nothing really for answers. I've also looked around on OpenWRT which I used to know inside and out many years ago. I scaled back my testing to just getting ICMP (ping) to work from an external IP.
Re: OPENVPN forward on a NEXQ6GO
Posted: Tue Aug 10, 2021 12:16 pm
by derekjsmith
Found the root of the issue. It's the cell provider, they block all inbound unless you have a business plan/line. So am looking at reverse tunneling to gain remote access to my LTE network. Am going to setup a RPi server running TunnelIn and use their service. I'll report back either way.
Re: OPENVPN forward on a NEXQ6GO
Posted: Tue Aug 10, 2021 1:36 pm
by mtl26637
Sorry, wish I'd have seen this post earlier. Yes all providers block incoming traffic. Your on the right track though, I have a pi3 setup with reverse tunnel to get in from the outside. I have mine setup to forward to a vultr server as my middle man. Might check out ngrok.com, seen a post here about it few weeks ago and bookmarked it but don't really need it anymore but would work perfect for what you are needing from first glance.
Re: OPENVPN forward on a NEXQ6GO
Posted: Tue Aug 10, 2021 4:43 pm
by derekjsmith
So I ended up using ngrok.com as the tunnel into my network behind the LTE.
I've got a stock Pi4 on the LAN side of my network with VNC enabled. Installed and setup ngrok to run on boot/reboot "./ngrok tcp 5900" And all is good for remote access of my LAN. I mostly needed it for configuring the 3 LTE routers I've got running through a TP-Link EAP router that aggregates all of them together into a single connection. Also my TP-Link EAP mech network that services a wide area, about 1400ft. This is all in the remote mountains with the closest LTE tower 7 miles away.
Re: OPENVPN forward on a NEXQ6GO
Posted: Tue Aug 10, 2021 5:20 pm
by Didneywhorl
derekjsmith wrote: ↑Tue Aug 10, 2021 4:43 pm
So I ended up using ngrok.com as the tunnel into my network behind the LTE.
I've got a stock Pi4 on the LAN side of my network with VNC enabled. Installed and setup ngrok to run on boot/reboot "./ngrok tcp 5900" And all is good for remote access of my LAN. I mostly needed it for configuring the 3 LTE routers I've got running through a TP-Link EAP router that aggregates all of them together into a single connection. Also my TP-Link EAP mech network that services a wide area, about 1400ft. This is all in the remote mountains with the closest LTE tower 7 miles away.
Any way I can get you two write up a tutorial on this?
If so, that'd rock! Post it here:
https://wirelessjoint.com/viewforum.php?f=21
Re: OPENVPN forward on a NEXQ6GO
Posted: Tue Aug 10, 2021 5:56 pm
by derekjsmith
Yes, I've got a bit more testing, once I'm happy with it and know it's works well I'll write it up
Re: OPENVPN forward on a NEXQ6GO
Posted: Wed Aug 11, 2021 5:20 am
by BillA
derekjsmith wrote: ↑Tue Aug 10, 2021 5:56 pm
Yes, I've got a bit more testing, once I'm happy with it and know it's works well I'll write it up
Another solution is OpenMPTCProuter which lets you tunnel through a carrier's private IP's, and also do true carrier aggregation using multiple internet sources combining the speeds together (not just a simple load-balancing/failover).
https://wirelessjoint.com/viewtopic.php?f=21&t=1078
Re: OPENVPN forward on a NEXQ6GO
Posted: Thu Aug 26, 2021 10:08 am
by DonJuane
I am interested in this. Is the free account capable of occasionally linking into to a remote LTE network to run (e.g.) RealVNC on a LTE attached Windows desktop, like OpenVPN provides? If the answer is yes, using RPi3 with GO as my main router, can it be added to the Pi3 or should I upgrade to a Pi 4 or does it need to run on a separate Pi device?
**** Come to think of it unless there was a package file for it (doubt seriously) then I am betting it would require its own box with Linux rather than G.O. aka OpenWRT.
Re: OPENVPN forward on a NEXQ6GO
Posted: Thu Aug 26, 2021 12:10 pm
by derekjsmith
DonJuane wrote: ↑Thu Aug 26, 2021 10:08 am
I am interested in this. Is the free account capable of occasionally linking into to a remote LTE network to run (e.g.) RealVNC on a LTE attached Windows desktop, like OpenVPN provides? If the answer is yes, using RPi3 with GO as my main router, can it be added to the Pi3 or should I upgrade to a Pi 4 or does it need to run on a separate Pi device?
**** Come to think of it unless there was a package file for it (doubt seriously) then I am betting it would require its own box with Linux rather than G.O. aka OpenWRT.
NGROK has downloads for Mac/Win/Linux was very easy to setup on my Pi4 running stock RPi OS.
- Setup free NGROK account
- Install NGROK on Pi4
- Setup VNC on Pi4
- Create NGROK startup/boot script for the Pi4 using tcp @5900 for VNC
- NGROK will report the tunnel endpoint status on your account
- connect to VNC using address
Re: OPENVPN forward on a NEXQ6GO
Posted: Mon Sep 27, 2021 9:04 pm
by DonJuane
Thank you!