How to duplicate dumaos' hybrid vpn in openwrt?

Bul · March 29, 2025, 6:50pm

Hi, I'm new to the forum, replacing the xr500 I lost the hybrid vpn of dumaOS, basically I could route the vpn on the single port of the tcp443 geolocation using the data transmission of the place where I live, (this vpn is for gaming) I was wondering if I could replicate it somehow

frollic · March 29, 2025, 6:56pm

Physical port or TCP port ?

What does port 443 have to do with geo location?

You you live inside internet, or do you mean the internet access at home ?

Bul · March 29, 2025, 7:21pm

I probably don't have the skills to explain it efficiently, in gaming the tcp port 443 is used by most online games for geolocation, in dumaos there was this vpn function where it allowed you to send vpn traffic on a tcp or udp port, as far as gaming is concerned the tcp port 443, in short in call of duty I tell matchmaking that I come from a geographic area x, but I play in my region so I have a low ping, I don't know if I made myself clear

frollic · March 29, 2025, 7:24pm

There's Geomate - Geographic Game Server Filter for OpenWrt to achieve a similar (I think) feature.

Bul · March 29, 2025, 7:32pm

this is the function of hybrid vpn not the geofilter, they are two different things, one influences your matchmaking search the other that interests me is to change the geolocation, I would like to apply the VPN on a device "x" exclusively on the tcp443 port, I would like to understand how to do it

frollic · March 29, 2025, 7:39pm

Bul · March 29, 2025, 7:53pm

unfortunately I'm new to the world of openwrt and all today I've been looking, I saw this pbr but it's difficult for me not having the technical knowledge of the settings, maybe you can guide me or illustrate a guide for a beginner like me

frollic · March 29, 2025, 7:57pm

Bul · March 29, 2025, 10:11pm

it's too difficult for me, unfortunately in the videos they take very different paths from mine, I haven't been able to find one that does the things useful for my purpose, I can't extrapolate the things I need from the videos, they are too complex

Bul · March 30, 2025, 6:44pm

I kept trying and watching videos, but on how to set up pbr and make the vpn pass only on the tcp port 443 it seems impossible to me

Hudra · March 31, 2025, 12:48pm

Since you haven't provided much information and I don't know which VPN provider you're using, here is a general step-by-step guide for setting up ExpressVPN on an OpenWrt router using an OVPN configuration via the LUCI interface. I hope you can extrapolate the relevant settings for your setup from this guide.

To better understand what pbr is doing and how to set it up refer to the documentation...

Setup OpenVPN and PBR
Upload the OVPN Configuration File

Log in to your OpenWrt router’s LUCI interface.
Locate the VPN Section - Navigate to the VPN configuration area where you can upload files.
Select the ExpressVPN OVPN configuration file from your computer and upload it to the router.

Edit the Client Configuration

In the LUCI interface, open the uploaded OVPN file by clicking on edit.
If your VPN provider requires a username and password, you need to insert your credentials where it says:

Section to add an optional 'auth-user-pass' file with your credentials

Enter your ExpressVPN username on the first line and your password on the second line.

Specify the Authentication File in the config file:
Copy the file path shown in the text your credentials (/etc/openvpn/ExpressVPNAustria.auth) and paste it into the aut-user-pass option in the configuration file (above).
Should look something like this:

....
auth-user-pass /etc/openvpn/ExpressVPNAustria.auth
pull-filter ignore "redirect-gateway"
....

Add the directive to ignore the default gateway redirection by including:

pull-filter ignore "redirect-gateway"

This is important and prevents the VPN from overriding your normal gateway settings. Without this option, all connections would go through the VPN by default. With this setting, everything goes through your WAN interface by default, and only traffic specified by PBR rules is routed through the VPN.

(Optional) Set Up Multi-VPN Configuration

Define Tunnel Interfaces:
If you plan to use more than one VPN connection simultaneously, make sure to specify a unique tunnel interface for each connection (e.g., tun1, tun2, etc.) in the configuration file.

First VPN

dev-type tun
dev tun0

Second VPN

dev-type tun
dev tun1

Configure Network Interfaces:
Create corresponding network interfaces for these tunnels in OpenWrt and assign them to the appropriate firewall zones.
Restart the VPN Service:
After configuring these settings it's probably best to restart your VPN service so that the new tunnel interfaces are active - or reboot.

You also didn't mention which game you're playing, but I'm guessing that you want to spoof your location in COD/Warzone. The rule for that looks like this:

config policy
	option name 'Cod'
	option src_addr '192.168.1.111'
	option proto 'tcp'
	option src_port '30000-65535'
	option dest_port '443'
	option interface 'tun0'
	option enabled '1'

Bul · April 1, 2025, 11:02am

thank you for taking the time to help me! I'll try today/tomorrow and tell you, very kind

Bul · April 1, 2025, 1:33pm

I did the steps and I don't understand if I succeeded, I can't do speedtet and geo-ip as if they were blocked, I can surf on youtube and I can't open battlenet.. I play warzone and I'll show you the photo of how I had set up the vpn on the duma, (red photo), I'll also put the settings of how I try to replicate it on the flint 2
Uploading: IMG_2961.jpeg…
Uploading: IMG_2962.jpeg…
Uploading: IMG_2963.jpeg…
Uploading: IMG_2964.jpeg…

Hudra · April 1, 2025, 5:10pm

Probably not… Port 443 is used for HTTPS, so if you for example, go to https://speedtest.net and nothing happens, it likely means you’re not properly connected to the VPN or the VPN is down. It seems like you might have misconfigured something. Are you sure you set everything up correctly? Please also check the Service Gateway status in luci-app-pbr… if you see 0.0.0.0 there something is wrong…

If you’re routing port 443 through the VPN on your gaming PC, the expected outcome is that speedtest.net or GeoIP should show your VPN location.

Try going through the setup instructions again step-by-step and make sure to read the OpenVPN and PBR wiki carefully.

Also use the forum search function to look for setup instructions for your specific vpn provider.

Also your images aren’t working…

Bul · April 3, 2025, 3:35am

It took me 1 week and in the end I retired the duma, next step is to understand how to install the geofilter

Bul · April 3, 2025, 3:36am

thank you! as a novice I managed to do it, the hard part was setting up the firewalls properly!

kjoshj · April 6, 2025, 1:18am

Just FYI, if you like OpenWRT now, you can flash the XR500 with OpenWRT and use it as a backup or access point. It looks like it should easily let you do it through the web GUI, it's quality hardware for an AC router.

system · April 16, 2025, 1:18am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.