I have the following set-up:
WRT1900ACV1 Router with "LEDE Reboot 17.01-SNAPSHOT r3498-dc8392f / LuCI lede-17.01 branch" Kernel: 4.4.83
OpenVPN Policy Routing (OPR) Package installed, Version 5.0.1-10 (sets up IPTABLES). See: https://github.com/stangri/openwrt-packages/blob/openvpn-policy-routing/net/openvpn-policy-routing/files/README.md
2 OpenVPN VPN clients (PIA is VPN provider) set-up and working OK on the WRT1900AC Router.
OpenVPN Option "route_nopull" set on both VPNs to allow WAN as default route so VPNs do not set any routes. I use OPR to set routes for each static IP.
WAN is PPPoE to ISP with a VDSL2 Modem (Netgear DM200) set-up as a (dumb) VDSL2 bridge. WRT1900AC does the login, password, DHCP, DNS etc.
LAN is a normal set-up with static IPs assigned to all devices on the home LAN.
DNS servers only entered through LuCI "Network-DHCP and DNS-Servers-Settings-DNS forwardings" (no other entries in WAN for example). In WAN "Use DNS servers advertised by peer" is UNCHECKED so DNS from ISP is ignored. DNS Servers set are: 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199.
Problem: I cannot get the DNS queries to go through the VPN for the specific static IP I have assigned in OPR.
For example: I set static IP 192.168.2.180 assigned to a Win 10 PC to go through the PIA VPN setup for the UK. It works fine and my external IP is set to a UK IP when I check with "https://wtfismyip.com/".
When I do a DNS Leak Test with "https://www.dnsleaktest.com/" it does not show UK DNS responses but servers close to me, so I suppose its DNS requests are going through my WAN and not the VPN.
I tried to use OPR to set-up port 53 and also the DNS Servers noted above to go through the correct VPN for the static IP I set in OPR but after a lot of trial and error no success in getting it working.
What I want to do is:
Set OPR for a particular static IP to go through a particular VPN I have set-up. This is working.
Have DNS requests for the above static IP go through the same VPN as I have set for that particular static IP. Have other DNS requests go through the WAN by default but through an assigned VPN if that static IP is set to go through a VPN. This is not working.
Is what I want to do possible? If so, how do I set it up?