Need help! Static routes to VPN router

**TurboMedic** · 01-15-2013, 03:32 PM

I'm lost and need some help from the gurus on here! I'm trying to set up my VPN router behind my regular router, and I'm really struggling.

First off the setup is cable modem --> Asus RT-N56U --> Cisco E2500 w/dd-wrt BIG installed running the VPN script from Hidemyass.

The Asus will remain a local address machine, as its not VPN capable, and I'd like to keep a local anyhow for some devices. It needs to share its connection with the Cisco through its LAN ports. I'm led to believe that this can be done using the "LAN-route" portion of the Asus router. At least it says thats for connecting several routers to the internet behind the Asus using the same connection.

Problem is, I have no idea what to enter into the fields, they are:

Network/Host IP, Netmask, Gateway, Metric, and Interface (LAN).

First things first, the router names are not the same so there is no conflict (Asus is 192.168.1.1, Cisco is 192,168.1.2). The Cisco will see the internet and route if its connected to the modem, as will the Asus, independantly. But if I plug the Cisco into the Asus, the Cisco doesn't even get assigned an address?

Any advice????

**benyl** · 01-15-2013, 04:55 PM

What DHCP range did you set up in the ASUS?

Sometimes, the ASUS is set to 192.168.1.1, but the range of IP addresses starts at 192.168.1.50 or something like that.

**revelations** · 01-15-2013, 06:14 PM

For starters, my understanding is that the VPN should be right behind the modem, and then the ASUS router after that.

**TimH** · 01-15-2013, 07:38 PM

The easiest way to do this would be to get a dumb switch plug it into the modem, connect both the wan interfaces of both routers/vpn to the dumb switch. Then connect a cable between the two routers on their inside interfaces and configure some static routes on both routers to route between their inside and VPN user subnets. You would need two public IP addresses though.

You can do it the way you have it shown if you setup a static NAT translation, disable NAT on the VPN router and setup some static routes. I would go with getting a dumb switch and hooking it up versus trying to set it up behind one another.

**TurboMedic** · 01-16-2013, 12:02 AM

Originally posted by TimH
The easiest way to do this would be to get a dumb switch plug it into the modem, connect both the wan interfaces of both routers/vpn to the dumb switch. Then connect a cable between the two routers on their inside interfaces and configure some static routes on both routers to route between their inside and VPN user subnets. You would need two public IP addresses though.

You can do it the way you have it shown if you setup a static NAT translation, disable NAT on the VPN router and setup some static routes. I would go with getting a dumb switch and hooking it up versus trying to set it up behind one another.

Hmm, more detail? I'm new to this part of the whole thing...

**TimH** · 01-16-2013, 12:38 AM

Here's a quick diagram of what I'm talking about:

» Click image for larger version

**hussein** · 01-16-2013, 02:04 AM

Did you try plugging the WAN port on the Cisco into the LAN port on the Asus? You shouldn't need any static routes then. On the Cisco, you may need to set the LAN subnet to a different one than the WAN.

I have an Asus RT-N16 router WAN port connected to my cable modem. I have a dd-wrt WRT54GL on the same subnet, with a wire going from the LAN port to the Asus LAN port. I then use static routes on the Asus to push VPN specific traffic to dd-wrt. The dd-wrt vpn router has the Asus IP set as the gateway and local DNS.

If you want to use the VPN for internet traffic, as far as I know you will have to do what I said in the first paragraph. If you want to use it only for accessing selected subnets on the internet or private network connected on your VPN, do what I said in the second paragraph.

**thetransporter** · 01-16-2013, 02:55 PM

Im not sure if you want just do Asus RT-N56U with dd-wrt and under WAN set it to connect with VPN and you specify both your WAN and VPN ip settings?

**TurboMedic** · 01-16-2013, 07:30 PM

Originally posted by thetransporter
Im not sure if you want just do Asus RT-N56U with dd-wrt and under WAN set it to connect with VPN and you specify both your WAN and VPN ip settings?

RT-N56U has no dd-wrt support for it....The 66 does...

**TurboMedic** · 01-16-2013, 07:34 PM

Originally posted by TimH
Here's a quick diagram of what I'm talking about:

» Click image for larger version

Ok, so technically I'm part way there....I will get a switch and place that before both routers.....

They each have their own public IP's set up (see initial post), so that would only leave me still confused as to what needs to be entered in the static route fields.

If I interpret that diagram correctly, the stuff at the bottom is host IP, subnet mask, and gateway IP...... Interesting that it says 192.168.10.0, because that is another subnet correct? I was trying to put the public IP's in there

You're a huge help....thanks so far

**thetransporter** · 01-16-2013, 07:35 PM

Originally posted by TurboMedic

RT-N56U has no dd-wrt support for it....The 66 does...

IM very sorry - mis -read it - thinking it was the same as mine but turns out mine is 66u but its off. turns out the 2200bg (2wire) 8 year old g router gives me double the range.

**odin7** · 01-21-2013, 04:33 PM

My guess is you're trying to achieve this:

cable modem (same one) --> asus --> local network
cable modem (same one) --> asus --> cisco w/ dd-wrt --> VPN pool clients

I'm assuming you want to maintain both of those.

Asus LAN IP: 192.168.1.1
Asus network: 192.168.1.0
Netmask: 255.255.255.0

Asus WAN IP: set by your ISP via DHCP
DNS: set by your ISP via DHCP
Gateway: set by your ISP via DHCP

Cisco LAN IP: 192.168.10.1
Cisco network: 192.168.10.0
Netmask 255.255.255.0

Cisco WAN IP: 192.168.1.2
Cisco gateway: 192.168.1.1
Cisco DNS: 192.168.1.1 (probably not required tho)

static routes... You shouldn't need them.

To do what you want you shouldn't require two public IPs or to wire your two routers together. Its the same as having a client comp of your Asus (192.168.1.0/24) and having that comp establish a VPN connection using a VPN app, for example like OpenVPN GUI. What you're doing is establishing that connection using dd-wrt and having clients connected to your Cisco (192.168.10.0/24) not require a VPN app.

PM me if you need more help.

**94CoRd** · 01-29-2016, 10:25 AM

Going to bump this thread. I've been banging my head against the wall for the last week with a similar situation.

Set up:

ROUTER 1 (DDWRT)
WAN IP: set by ISP via DHCP
DNS: set by ISP via DHCP
Gateway: set by ISP via DHCP
LAN IP: 192.168.1.1

ROUTER 2 (DDWRT)
LAN IP: 192.168.2.1
Netmask 255.255.255.0
WAN IP: 192.168.1.3
gateway: 192.168.2.1

I have the OpenVPN client configured for PIA on Router 2, and I can ping clients between the different subnets.

When VPN is disabled, I am can access the internet from both subnets.

When VPN is enabled and connected successfully to PIA, I can no longer access the internet from the second subnet (192.168.2.1).

I have tried various firewall rules - but nothing seemed to work, and I don't completely understand the conditions. Going to read up on IP tables, but hopefully someone here can keep me going in the right direction. Basically, I want all traffic on router 2 to use tun1 route? correct?

Thread: Need help! Static routes to VPN router

Thread Tools

Search Thread

Need help! Static routes to VPN router

Similar Threads

Static IP on Siemens Modem/router from TELUS?

FS: Linksys 2.4 GHZ Wireless - G VPN Broadband Router

FS: 2 Moniters / Sound Blaster Live! Card / Linksys Wireless G VPN Router

FS: Linksys WRV54G Wireless G VPN router

FS: Linksys Wireless-G VPN Router

Posting Permissions