Anybody successfully using openvpn on Asus Router as VPN Server and DDNS

[daristan]

Anybody successfully using openvpn on Asus Router as VPN Server and DDNS.
When i first setup the openvpn on Asus router as vpn server, i can use my iphone to connect to using openvpn apps when iam on Wifi (not working on 4G some how)
However because i did not have static Ip address but dynamic address, i will run into issue when i reboot my router which will auto switch to new IP address.
The solution to this is to use DDNS which also provided free from Asus.
I have created the free DDNS, however i just couldn't connect to Openvpn with the new configuration.
error message is "Connection Timeout" in my iphone

Anybody also encounter this and resolve it?

Port use : 1194
DDNS : xxx.asuscomm.com

 

[liangtam]

You must opt for Static IP addon when using MyRepublic fixed bb hosting OVPN or other VPNd at home

 

[Apex]

For DDNS to work, you need to have a public IP address.

Some isp use cgnat setup (My republic) which means you do have Public IP therefore explain why u cant from outside.

 

[killer00]

Check the openvpn config file, the VPN server IP should be xxx.asuscomm.com not the private IP address.

 

[daristan]

You must opt for Static IP addon when using MyRepublic fixed bb hosting OVPN or other VPNd at home

So the issue is because using myrepublic bb, other bb can work?

 

[daristan]

So the issue is because using myrepublic bb, other bb can work?

Yes is correct?

Check the openvpn config file, the VPN server IP should be xxx.asuscomm.com not the private IP address.

yes is shown xx.Asuscomm.com , now I change to no-ip also same issue

 

[chiu2000]

So the issue is because using myrepublic bb, other bb can work?

Problem is CGNAT, which is not limited to MR. This cause you to be double NAT and thus the DDNS service will not be able to find the correct public IP address to point to. You will also experience the same issue on Viewqwest (CGNAT) and SingTel/Whizzcomm (double NAT due to ONR)

You need to apply for static IP from MR if you want to host anything.

I am also on MR but since I am also using static IP, I have no problem hosting VPN server and remote control my devices at home

 

[daristan]

Problem is CGNAT, which is not limited to MR. This cause you to be double NAT and thus the DDNS service will not be able to find the correct public IP address to point to. You will also experience the same issue on Viewqwest (CGNAT) and SingTel/Whizzcomm (double NAT due to ONR)

You need to apply for static IP from MR if you want to host anything.

I am also on MR but since I am also using static IP, I have no problem hosting VPN server and remote control my devices at home

Thanks , look like got to spend $50 for this static up address

 

[loganrunning]

Problem is CGNAT, which is not limited to MR. This cause you to be double NAT and thus the DDNS service will not be able to find the correct public IP address to point to. You will also experience the same issue on Viewqwest (CGNAT) and SingTel/Whizzcomm (double NAT due to ONR)

You need to apply for static IP from MR if you want to host anything.

I am also on MR but since I am also using static IP, I have no problem hosting VPN server and remote control my devices at home

whizcomms provided me with bridged onr, so no double NAT. no problems accessing from outside.

 

[Hafi]

some probable workaround is using something like Tailscale (free for 1 user).

 

[phayze]

Yes is correct?

yes is shown xx.Asuscomm.com , now I change to no-ip also same issue

what IP is xx.asuscomm.com point it? If it is a private IP, then it wouldnt work over internet.

 

[yusoffb01]

what IP is xx.asuscomm.com point it? If it is a private IP, then it wouldnt work over internet.

xx.asuscomm.com will show public ip. but myrepublic use cgnat. need to buy public ip from myrepublic to work.

 

[hairymonster]

assuming u are NOT on cgnat, did u portforward 1194 to the IP of ur asus router?

 

[Hafi]

 

[hairymonster]

This is my favourite solution

 

[Hafi]

This is my favourite solution

year 2023 already still fiddling with ddns, port forwarding, firewall and static IP address... time to learn new skillz LoL.

 

[hairymonster]

year 2023 already still fiddling with ddns, port forwarding, firewall and static IP address... time to learn new skillz LoL.

I love how you can use cloudflare tunnel to access all the docker containers. Best of all its free

 

[Hafi]

I love how you can use cloudflare tunnel to access all the docker containers. Best of all its free

can also host public services/webhosting without exposing your home WAN IP (Cloudflare acts as your reverse proxy).

 

[hairymonster]

can also host public services/webhosting without exposing your home WAN IP (Cloudflare acts as your reverse proxy).

In some cases still need local reverse proxy nginx. Is not a one solution for all but I take it!

 

[it_geek]

Sorry TS but why the heck would u want to use OpenVPN that is built into the router

The OpenVPN implementation on these routers are damn outdated, sometimes even sloppily done (OpenVPN 2, not OpenVPN 3), insecure authentication, etc. I wouldn't touch the built in router VPN with a 10 foot pole.

I used one on a NETGEAR router for a while and discovered how vulnerable it was. You definitely do not want to be carrying out secure transactions over this VPN, or even file sharing sensitive stuff. At the very least consider a paid solution for peace of mind as recoed by others here. If you are hardcore, can consider Softether.