My brother-in-law just got a Hubitat, and we're trying to set it up so I can access it from my house to program it for him. I'll probably end up signing up for the Remote Admin service for him, but I wanted to see if I could set something up thru OpenVPN, if only to learn how this works.
My TP-Link Archer A20 has a built-in OpenVPN server, and I finally managed to connect to it with my cell phone (wifi off). However, my home IP addresses are 192.168.0.xxx, and the IP range thru the OpenVPN server are 10.8.0.xxx. When I type in the 192.168.x.x address of my router into Chrome on my phone, it says site can't be reached. I can see that I'm connected in my router (interestingly, there are two connections: 10.8.0.6 - my phone, and 10.8.0.10 - what is this?). Obviously, I'm missing a step, but can't find anything here or on Google to tell me what that step is.
Sounds like your router doesn't automatically create a firewall rule allowing access from the OpenVPN subnet to your 192.168.1.x LAN. My experience with TP-Link firmware is limited but I do remember it being very different from other brands making it very confusing to do anything advanced.
I wish I could be more help, but what you are looking for is the configuration of the firewall rules.
Edit: Did some googling myself, it's a common complaint. One recommendation was to setup a port forward, but I'm not sure this is the best option maybe another Tp-Link expert can assist better?
It is at home. I'm just seeing if I can get it to work on my own router, accessing it with my phone through cellular data (outside the lan) rather than through wifi. If I could do that, then I might be able to figure out how to access my brother's hub from my house.
But I don't think I understand this stuff well enough. $2.99 for Remote Admin isn't terrible...I just wanted to see if I could do it myself first.
I use a Raspberry Pi with WireGuard. Easy to setup, can be connected to from home or away, is super fast in connecting and using. It allows you to access anything on the remote network, so that might be an issue for your BiL.
i used to run my openVPN on my synlogy and while i managed to get it to work by tweaking some things, it wasn't how i wanted it. i ultimately started my openvpn server on a linux box and haven't looked back
Yes, but even if I got it to work, I don't want to have to repeat this nonsense with my brother's router and hub. Remote Admin is looking like the far better and easier option at this point. I've already added his instance of Webcore to my own (Which was painless).
Fair point. It makes sense to go that route for your brother. If you want to monkey around at home. Try wireguard on a PI. Quite a few of us here going that route with huge success because we want more access than just to the HE hub.