I'd like some help setting up a router as a wireless AP that's only routed through NordVPN.
I'm a complete noob when it comes to OpenWRT but have a little knowledge in using other more basic factory firmware, so please try to keep advice or instructions pitched at this level for now. I'm trying to bring myself up to speed with this amazing firmware option.
Essentially, my setup at home is a cable modem running into the WAN port of my ISP-supplied router (10.2.1.1; Router1). I've connected a LAN output into the WAN input of the Linksys WRT1200ac (Router2) that I intend to use for the NordVPN client. I'm trying to build a WiFi network that my devices can connect to, circumventing geoblocking, by appearing in a foreign country. The Linksys router is still at 192.168.1.1 - I'm not looking for it to communicate with devices connected to the 10.2.1.* network, only for devices connected to the VPN WiFi to access the WAN through the VPN tunnel.
I'm trying to follow the NordVPN instructions found at: [Tutorial - OpenVPN | NordVPN](https://nordvpn.com/tutorials/openwrt/openvpn/)
What I've done:
- I installed the openvpn-openssl, ip-full and luci-app-openvpn packages from the software tab.
- I downloaded a configuration file for a USA-based UDP NordVPN server (*.ovpn).
- I set up a new VPN connection from the OpenWRT OpenVPN tab, using the *.ovpn config file, and called it "nordvpn".
- I added my login details on separate lines in the bottom window to create the auth file and added the location of the auth file to the "auth-user-pass" config line.
I skipped over Step 3, because the above procedure should have already taken care of this step, right?
I then added a new network interface by connecting to the router via SSH and typing:
```sh
uci set network.nordvpntun=interface
uci set network.nordvpntun.proto='none'
uci set network.nordvpntun.ifname='tun0'
uci commit network
```
then added firewall rules:
```sh
uci add firewall zone
uci set firewall.@zone[-1].name='vpnfirewall'
uci set firewall.@zone[-1].input='REJECT'
uci set firewall.@zone[-1].output='ACCEPT'
uci set firewall.@zone[-1].forward='REJECT'
uci set firewall.@zone[-1].masq='1'
uci set firewall.@zone[-1].mtu_fix='1'
uci add_list firewall.@zone[-1].network='nordvpntun'
uci add firewall forwarding
uci set firewall.@forwarding[-1].src='lan'
uci set firewall.@forwarding[-1].dest='vpnfirewall'
uci commit firewall
```
then configured DNS servers:
```sh
uci set network.wan.peerdns='0'
uci del network.wan.dns
uci add_list network.wan.dns='103.86.96.100'
uci add_list network.wan.dns='103.86.99.100'
uci commit
```
I can access WAN when connected to the router via LAN cable until I enable nordvpn, then the WAN is inaccessible.
How do I complete the setup to have all traffic flow through the VPN tunnel (both LAN and WiFi)? How would it be configured for just WiFi traffic with LAN going direct through ISP only?
How do I set the WiFi network up? If I try to connect, devices aren't receiving IP addresses, so clearly I have no idea what I'm doing with the DHCP on Router2.
Thanks for helping me with what must be some quite basic questions for you guys!
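
The firewall commands in the post add a `lan` to `vpnfirewall` forwarding but do not remove any forwarding that already exists, so a setup meant to be "only routed through NordVPN" is worth auditing for a remaining path from `lan` to another zone. The following is an added example, not part of the original post: it parses `uci show firewall` output and reports every zone that `lan` can still forward to. The function names and the sample text are constructed, and the presence of a stock `lan` to `wan` forwarding is an assumption.

```sh
#!/bin/sh
# Added example (not from the post). Zone names 'lan' and 'vpnfirewall' follow
# the post; the sample text is constructed and assumes a stock lan->wan rule.

# Print the dest zone of each forwarding whose src is $1 (uci text on stdin).
forward_dests() {
    awk -F= -v src="$1" -v q="'" '
        { n = split($1, p, ".") }                       # p[2]=section, p[3]=option
        n == 2 && $2 == "forwarding" { order[++cnt] = p[2]; next }
        n == 3 { gsub(q, "", $2); val[p[2], p[3]] = $2 } # strip quotes, store value
        END {
            for (i = 1; i <= cnt; i++)
                if (val[order[i], "src"] == src) print val[order[i], "dest"]
        }'
}

# Return 0 if zone $1 forwards only to VPN zone $2, 1 on a bypass, 2 if it
# has no forwarding at all (clients would have no way out).
audit_vpn_only() {
    dests=$(forward_dests "$1")
    if [ -z "$dests" ]; then
        echo "no forwarding from $1"; return 2
    fi
    leaks=$(printf '%s\n' "$dests" | grep -vxF -- "$2" || true)
    if [ -n "$leaks" ]; then
        echo "BYPASS: $1 can also forward to:" $leaks; return 1
    fi
    echo "OK: $1 forwards only to $2"
}

# Constructed sample: a lan->wan forwarding left in place next to the
# lan->vpnfirewall forwarding created by the commands in the post.
SAMPLE_BOTH="firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@forwarding[1]=forwarding
firewall.@forwarding[1].src='lan'
firewall.@forwarding[1].dest='vpnfirewall'"

# On the router: uci show firewall | audit_vpn_only lan vpnfirewall
printf '%s\n' "$SAMPLE_BOTH" | audit_vpn_only lan vpnfirewall || true
```

A `BYPASS` result means clients on `lan` can still reach the ISP directly whenever the default route is not the tunnel, for example while the VPN is down.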