Troubleshooting VPN server access issue with Firewalla and ASUS router
Hello, good afternoon.
I have an ASUS router that allows me to create a VPN server and thus access any device on my internal network. However, after installing Firewalla, this function no longer works correctly. I can only access my router's address, and no other device.
I suspect that Firewalla is interfering and not allowing access to other devices, or perhaps something related to Double NAT. Maybe the solution is to create static routes on the router, but I haven't been able to do it myself.
I have Firewalla Purple connected in DHCP mode.
At the moment, I do not want to install the VPN server on Firewalla; I would like to make it work on the router itself. Do you know how to achieve this configuration?
Thank you very much.
-
I think you really need to use static routes on the ASUS router.
I'm thinking the ASUS router is your first router, connecting you to the internet. Firewalla is just behind it. So you have two networks: the network between the ASUS router and Firewalla, and the network behind Firewalla. So you can just use the VPN and use the network between Firewalla and the ASUS router, but there are no devices there.
So I think you need to set static routes on the ASUS router and also use a firewall rule in Firewalla to grant access from outside to inside your LAN.
But this won't be good and you'll have some security issues. A better way would be not to use the VPN on the ASUS router. You should use a VPN on Firewalla or another VPN device inside your LAN. I'm using a small router which can act as a WireGuard VPN server. Firewalla Purple should also be able to use WireGuard VPN. But I still have a Firewalla Red without this option. So another device is running the WireGuard VPN server in my home.
-
Thank you very much for your reply.
I think there must be something like what you said, because without doing any configuration on the VPN, after installing Firewalla, it has stopped finding the devices on the network.
As far as I understand, Firewalla Purple doesn't create an overlay network; that's why I don't know what is really happening with my network.
The reason for having the VPN on the router is that I don't want to open ports.
Best regards.
-
I do not know Firewalla Purple in detail. But I think only the one-armed Firewalla devices have the overlay network, no? Or is the simple mode also available on the Purple?
Do you have different IP addresses for your network devices and also for your main router? If so, this is an indication that Firewalla is either routing two networks or using an overlay. I'm thinking it'll be one of these two choices.
But as I don't know the Purple in detail, this should be answered by a Purple expert.