Create a second network (wifi & ethernet) with vpn connection

Hello,

schema-vpn-openwrt
I'm looking for some hints to configure the Router2 the cleanest way possible.
But I'm not even sure if it's a subnet, vlan or something else.

I'm using the snapshots version of openwrt with luci, and luci-app-openvpn.
I successfully configured the vpn following https://nordvpn.com/fr/tutorials/openwrt/openvpn/ .

Thank you

Ensure Router2 LAN IP address is on different subnet to Router1 LAN and configure its WAN port to use DHCP protocol (or static IP address) eg. if Router1 LAN IP is 192.168.1.1, then assign 192.168.111.1 to Router2.

fwiw, quick review of NordVPN instructions shows there is no kill switch when VPN connection fails. Delete the WAN interface as shown below to implement kill switch.

fyi, refer to v1.2 doc
https://openwrt.ebilan.co.uk/viewtopic.php?f=7&t=279

1 Like

Thank you Bill, that's exactly what I was looking for, and it's working nice!

It's working great but it seems that the OS itself has no connection (by using command line, or luci software pages). How can I open a connection for the system ?

Sorry, I don't quite understand your question. Can you provide more information?

I followed the instructions of your document v1.2d. My laptop connected with ethernet has a vpn connection and thus has access to internet.
I also can access Luci, but it seems that the openwrt local system has no connection to internet (with or without vpn). I can't update software list (from System/Software) or test ips from Network/Diagnostics.

Use LuCI's 'Network/Diagnostics' and confirm you can Ping and TraceRoute to a physical IP address such as 8.8.8.8 via VPN tunnel.

If above is successful but you find you cannot Ping 'www.google.com', it may be because the DNS servers assigned to the WAN interface of Router2 are not accessible via your VPN connection.

Here is one solution:
Go to LuCI > Network > Interfaces > LAN
Add a DNS server as shown below
.
4openwrt

I will update my documents. Thanks.

The custom DNS servers in LAN configuration did it.
I also tried the static IP for WAN but it made the router lose his internet connection altogether.

Thank you very much!

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.