Been struggling with this for a while, and figured I’d ask for help with my specific situation.
I have AT&T Fiber with the BGW320-500 model gateway, and I’m trying to set up a VPN on a TP-Link network behind it. I have the ER605 v2 VPN Router and the Omada Hardware Controller (OC200). (I also have a Jetstream switch and 2 EAPs, but those aren’t really relevant to my problem).
So far, I’ve got the VPN server set up on the router, and I’ve put the AT&T gateway in IP Passthrough mode. I also disabled the packet filters and tried disabling the firewall on the gateway as well, but have since turned the firewalls back on. Months ago, I tried this without putting the gateway in IP Passthrough, and exporting the .ovpn configuration from the controller had the router’s local LAN address as the server IP. Loading that in the OpenVPN app on my phone allowed me to connect to the VPN when I was already on my home WiFi (not surprising), but I could not connect to the VPN when not on the WiFi (again, not surprising since it was trying to connect to a private IP). Following the advice from an SPX Labs video on YouTube, I changed the IP in the .ovpn file to my network’s public-facing IP, but I was not able to connect to the VPN at all after doing that.
After that failed, I did then enable IP Passthrough on the gateway (and even re-exported the VPN config), but still nothing. Looking at the new .ovpn file, the server IP address it had by default was the AT&T’s private address, not my public address. I tried changing the gateway’s address and subnet to match the VLAN I put the Omada Controller on, so all the networking devices would be on the same subnet, but then I couldn’t access the gateway settings anymore and nothing was connecting to the internet, so I had to factory reset the gateway. I don’t think that the gateway and router being on different subnets is the issue because all the normal networking stuff works fine.
I’ve followed all the steps from many guides on how to enable IP Passthrough, and I’ve followed the steps from SPX Labs’ guide on how to set up the VPN server on the router to satisfaction on that end (minus the server IP in the .ovpn file, but that will get fixed when my IP Passthrough issue does). But I feel like there’s some intermediate step I’m missing. None of my research has found anyone trying to do what I am with the same equipment (either a different model gateway or different model router or a router that isn’t behind a gateway).
Here’s that video guide I was using in case someone’s interested: https://youtu.be/Or0msus1A9I
TL;DR
I want to set up an OpenVPN server on a router behind an AT&T gateway, but am having no luck. You can read above for what I’ve tried and where I’m at.
AT&T gateway: BGW320-500
TP-Link router: ER602 v2
Omada Hardware Controller (OC200)
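
An added example, not part of the original post: a check of the `remote` lines in an exported .ovpn profile that flags server addresses a client outside the LAN cannot reach (RFC 1918 private or CGNAT). The sample profile and every address in it are constructed; 203.0.113.10 is a documentation address standing in for a public IP.

```python
import ipaddress

# IPv4 ranges that are not reachable from the internet side of the gateway.
NON_ROUTABLE = {
    "rfc1918-private": ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"],
    "cgnat-shared": ["100.64.0.0/10"],
    "loopback/link-local": ["127.0.0.0/8", "169.254.0.0/16"],
}

def classify(host):
    """Label a `remote` target; names are returned as 'hostname' unresolved."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "hostname"
    for label, nets in NON_ROUTABLE.items():
        if any(ip in ipaddress.ip_network(n) for n in nets):
            return label
    return "public"

def audit_remotes(ovpn_text):
    """Return (host, port, verdict) for each active `remote` directive."""
    findings = []
    for raw in ovpn_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":      # OpenVPN comment markers
            continue
        parts = line.split()
        if parts[0] != "remote" or len(parts) < 2:
            continue
        port = int(parts[2]) if len(parts) > 2 else 1194  # OpenVPN default port
        findings.append((parts[1], port, classify(parts[1])))
    return findings

# Constructed sample profile (not taken from the post).
SAMPLE_OVPN = """\
client
dev tun
proto udp
remote 192.168.0.1 1194
;remote 198.51.100.7 1194
remote 203.0.113.10 1194
"""

if __name__ == "__main__":
    for host, port, verdict in audit_remotes(SAMPLE_OVPN):
        ok = verdict in ("public", "hostname")
        print(f"{host}:{port} -> {verdict}",
              "" if ok else "(only reachable from inside the LAN)")
```

A `cgnat-shared` or `rfc1918-private` verdict on the address the router reports as its WAN IP means the router is not holding the public address, so inbound VPN connections stop at the upstream device.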