I have a router from my ISP (Fritzbox)
I also have a secondary router (GL-MT300N)
With this tutorial (https://www.loganmarchione.com/2015/02/openwrt-with-openvpn-client-on-tp-link-tl-mr3020-3/) I have created a secondary network which uses a OpenVPN connection.
My goal was that I can connect to my secondary router to use the VPN and with my primary router to not use the VPN.
Everything is working fine, except the fact that the devices cant communicate to devices in the other Network.
When I Ping from a Device in my Primary Network, I cannot connect to a device in the secondary network.
Primary Gateway is 192.168.178.1
Secondary Gateway is 220.127.116.11
The Secondary Router has the IP 192.168.178.55
How can I allow all Devices to communicate across the two Networks?
If the VPN is up, all traffic will be routed through the VPN tunnel, unless you've made exceptions,
and/or set the VPN tunnel not to "hijack" local IPs.
How can I set the the Tunnel not to hijack local IPs?
Well I'm a big noob in networking so I'm confused what to do now.
Dont you think that it is possible that you can exclude Local IPs (192.168.178.x) from the VPN Tunnel?
it depends on what you'd like to achieve .... ?
I need 2 networks. One with vpn, the other without the vpn.
And all devices need to be able to communicate across both networks.
So a device with IP 192.168.178.29 can Ping a device with IP 18.104.22.168 and the other way around.
Add static routes to both routers. Router A needs to know the route to Network B is via Router B's address on Network A:
192.168.178.0/24 via 69.69.1.x
and vise versa.
Since these routes are more specific than the default route through the VPN, traffic will flow directly between the two LANs.
69.69 is not a RFC1904 private IP range, you should not use it that way.
You can use VPN Policy-Based Routing, it's a package for openwrt.
You can then per user/ip/port etc decide what goes over VPN and what is not. I'm using it like that. (I'm using it in combination with Expressvpn)
Something to read;
packages/README.md at master · openwrt/packages · GitHub
Ok I got it partially with VPN Policy-Based Routing.
I can now Ping from Router B (The VPN Router) to Router A.
But I think I need to add a Route from Router A (The Fritzbox) to Router B so I can also Ping from Router A to Router B.
How does the Route need to look like?
Thats the form I need to fill out:
Network and subnet mask matches router B's LAN network. Gateway is router B's IP on network A.
Once you have this route in place so that A can send directly to B's LAN, you probably should not NAT on B any more.
Here my current configuration in my Fritzbox:
It still doesnt work - whentrying to ping a device in router B from a device in router A I get this:
When I enter 22.214.171.124 as the Network in my Fritzbox Settings I get the following error when pinging:
You really should not use 69.69.x.x as a private IP. It isn't.
It appears that OpenWrt is firewalling incoming packets on the WAN port, which it will do by default. The input and forward rules should be ACCEPT. The masq and mtu_fix should be disabled.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.