I'm wondering how to allow incoming connections while using an OpenVPN client on my router. I'm using the OpenVPN configuration provided by ProtonVPN, and it seems to be pulling several routes from the server which override the default route so that all traffic is forced over the VPN.
After reading about it, it seems I would have to avoid pulling the default routes from the server, and set up a second routing table with policy-based routing to route traffic from my LAN to the correct gateway on the VPN interface. What I'm wondering is how to enable incoming connections with that setup?
If traffic from my LAN is being routed to the gateway on the VPN interface, how can I allow connections from the normal WAN interface to be forwarded to a LAN device and allow it to respond? As far as I can tell, if I set up a routing table to send LAN traffic over the VPN interface, when a LAN device receives a connection from WAN, the reply will be routed to the VPN interface rather than the WAN, and the reply will reach the connecting device from the wrong IP.
Apologies if I haven't explained this very well, and apologies that I haven't listed any configurations here; I haven't actually set any of this up yet, just a basic configuration (which works, aside from no incoming connections from WAN).
Any advice would be greatly appreciated.
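
The reply-path problem described in the question, modelled as an added example that is not part of the original post: a small Python simulation of priority-ordered policy rule lookup, showing the reply to a WAN-forwarded connection leaving via the VPN, and how a higher-priority rule keyed on a mark recorded when the connection first arrived on WAN sends it back out WAN. Interface names, addresses, table names and the mark value are assumptions.

```python
import ipaddress

# Constructed topology: every name, address and mark value is an assumption.
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
WAN_IF, VPN_IF, LAN_IF = "wan0", "tun0", "br-lan"
WAN_MARK = 0x1
TABLES = {"wan": WAN_IF, "vpn": VPN_IF}  # table -> interface of its default route

# Policy rules as (priority, predicate, table), lowest priority number first.
RULES_LAN_ONLY = [
    (200, lambda p: ipaddress.ip_address(p["src"]) in LAN_NET, "vpn"),
    (32766, lambda p: True, "wan"),
]
# Same rules plus a higher-priority rule matching the packet's firewall mark.
RULES_WITH_MARK = [(100, lambda p: p["fwmark"] == WAN_MARK, "wan")] + RULES_LAN_ONLY


def flow_key(p):
    # Direction-independent key, so a reply finds the entry its request created.
    return frozenset([(p["src"], p["sport"]), (p["dst"], p["dport"])])


def prerouting(conntrack, p, mark_wan):
    # A new flow records whether it first arrived on WAN (connection mark);
    # every packet of the flow then gets that mark copied onto it.
    key = flow_key(p)
    if key not in conntrack:
        conntrack[key] = WAN_MARK if (mark_wan and p["in_if"] == WAN_IF) else 0
    p["fwmark"] = conntrack[key]


def egress(p, rules):
    # First matching rule in priority order selects the table, hence the interface.
    for _prio, match, table in sorted(rules, key=lambda r: r[0]):
        if match(p):
            return TABLES[table]


def reply_egress(rules, mark_wan):
    # A port-forwarded request (already DNATed to the LAN host) arrives on WAN;
    # return the interface the LAN host's reply leaves through.
    conntrack = {}
    request = {"src": "203.0.113.7", "sport": 40000, "dst": "192.168.1.10",
               "dport": 443, "in_if": WAN_IF}
    reply = {"src": "192.168.1.10", "sport": 443, "dst": "203.0.113.7",
             "dport": 40000, "in_if": LAN_IF}
    prerouting(conntrack, request, mark_wan)
    prerouting(conntrack, reply, mark_wan)
    return egress(reply, rules)
```

On a Linux router the marking step in this model corresponds to netfilter's CONNMARK target (set the mark on new connections arriving on WAN, restore it onto later packets) combined with an `ip rule` that matches `fwmark` ahead of the LAN source rule.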