OpenVPN on wired devices


Is it possible, with OpenVPN on the router, to just configure it for the wired devices, and my 3 wifi devices without?

Do you mean that you have an OpenVPN client running on OpenWrt and you want to route only the wired clients, not the wireless, which should be routed via the regular ISP?

Yes :)

I use ExpressVPN VPN. 2 wired devices to VPN clients and 3 wireless devices through ISP.

Trendy may have another recommendation as a long time contributor on this forum.

Here is what I would do:
You basically need to set rules that route some of your traffic through your VPN or bypass it (send it through the WAN).
Install both vpn-policy-routing and luci-app-vpn-policy-routing.
Familiarise yourself with what it does:
When you add a policy, you have to specify local addresses or devices. Use the @ symbol; it will allow you to route your wired devices through your VPN and your wireless devices to bypass it.

Here is the section of the readme that tells you what src_addr ("Local addresses / devices" in LuCI) is:

List of space-separated local/source IP addresses, CIDRs, hostnames or mac addresses (colon-separated). You can also specify a local interface (like a specially created wlan) prepended by an @ symbol.

The proposal from @Darius is one variant.
The other variant is to use a static route in a new routing table towards the ISP (taking into consideration that the default gateway is the VPN) and 3 rules (one for each wireless device) to use the new routing table.

Change the src to the IP of the wireless hosts. If they are not static, you can make some static leases in DHCP.
Then use the appropriate interface instead of vpn, the default is wan.
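
The static-route variant from the last reply, written out as an added example (not part of the original posts and not taken from the OpenWrt documentation). It assumes the ISP interface is named wan; the table number 100, the 192.168.1.x addresses and the MAC address are constructed placeholders to replace with your own.

```uci
# --- /etc/config/network ---
# Added example: table number and addresses are constructed values.

# Default route towards the ISP, kept in a separate routing table (100).
# The main table still has the VPN as default gateway.
# No 'gateway' option is set, so the gateway of the 'wan' interface is used.
config route
	option interface 'wan'
	option target '0.0.0.0'
	option netmask '0.0.0.0'
	option table '100'

# One rule per wireless device: traffic from this source address
# is looked up in table 100 and therefore leaves via the ISP.
config rule
	option src '192.168.1.101/32'
	option lookup '100'

config rule
	option src '192.168.1.102/32'
	option lookup '100'

config rule
	option src '192.168.1.103/32'
	option lookup '100'

# --- /etc/config/dhcp ---
# Static lease so the address named in the rule always belongs to the
# same device. Repeat for each wireless device.
# The MAC address below is a placeholder.
config host
	option name 'wifi-device-1'
	option mac 'AA:BB:CC:DD:EE:01'
	option ip '192.168.1.101'
```

After restarting the network, `ip rule` and `ip route show table 100` on the router show whether the rules and the ISP route are in place. A device that ends up with an address not listed in a rule falls back to the main table and goes through the VPN.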