Dual router setup


I have a hiltron coda gateway from cogeco but it is now in bridge mode, so only modem and I have my router with openvpn setup on it but I have many devices and only the smart tv and my laptop need to be on vpn and some times, my cell.

So my wife and son's devices don't need the vpn. Instead of create many vpn bypass or policy based routing, I would like to create a dual setup, Ive already have a second good router in the box ready. I use open wrt, so my question is, is it ok to use 3 hardwares like that ? MODEM /MAIN ROUTER/VPN ROUTER ? those hardwares are very close, 2 feet apart, problem about interference? (I will have 3 or 4 wifi networks (2.4 and 5ghz from 2 routers)



*btw, if I decide to use just one router, if I create wifi guest network, so, regular 2.4 and 5ghz + 1/2.4 guest and 1/5ghz guest, is the guest wifi will be as fast as the regular one??

thanks again

Why did you create many bypasses to the VPN? It makes more sense to make ISP the default and create a couple of exceptions for the devices that need VPN.

I'm not very able to setup that.. sorry.

So I thought dual setup would be better?

And do you know where is vpn passthrough in open wrt? I need to enable that in the main router I think?

Frankly speaking, if you consider doing a dual router setup, then reversing the default gateway is a piece of cake.

What do you need the passthrough? You have OpenVPN as you mentioned in the first post, not IPSEC, right?


So just need to choose for exemple and the other router right?

Yes open vpn.. forget passthrough:-)

If you go with dual router for that scenario, you will have added interference with the multiple wireless networks. Take that into consideration. Other than that you can cascade them as you mentioned in the first post.


But the ssid will not the same for both routers and the channels will be different too.

Which is fine if you live in a rural area and there are no neighboring wireless networks around you.

I live in small city. 40 000
But I live in downtown....

You can download an application in your mobile to scan for wireless networks in your area and decide accordingly.
For what it's worth I am having interference from neighbours in my dual access point setup in the 2,4 band, even though I am living in a village with family houses only, no blocks of flats. Everyone is at 40MHz and all channels are more or less occupied.

Just one more question.
I've read that I need to disable dhcp server on the vpn router?

Not necessarily. If the vpn router is routing then you shouldn't disable it. I am not sure it would work in a dumbAP scenario though, where you would need to disable the DHCP server.

I've read that on dd wrt forum.

Dont know if it is the same here.
It said :
You don't want two DHCP servers on your network and routers have these turned on by default. You have to get in an turn off one of them, I suggest on the VPN router.

I will follow that kind of tuto: I'm on openwrt but it is probably the same

There is tutorial for the same thing. https://openwrt.org/docs/guide-user/network/wifi/dumbap
However the VPN will not work as expected if you have a dumbAP.
You could try to adapt the guestwifi dumbAP guide to use for VPN.

1 Like

This can (and should) be done with one router. First you have the basic lan-wan setup without VPN. Keep that as it is, non-VPN users will use it. Set up a VPN client and configure it to not install any routes to the kernel. Then set up a guest network with a separate IP range and wifi AP instance, but use the firewall config to forward and NAT the "guests" (devices using VPN access) into the VPN tunnel instead of to the wan.

1 Like

The only wired device I have is smart tv.
And I think I'm too much novice to setup that :roll_eyes::thinking:

If you want to VPN the TV and have no other wired devices you could just move the whole LAN ethernet over to the VPN. Though it is not complicated to split up the Ethernet ports by adding VLANs to the switch.

It seems easy :joy:

I will try to understand that