Openconnect And Routing

Hey there,

I'm having weird issues with my setup (which, I know, is indeed a weird setup to begin with).
I have OpenWRT (22.03) installed on a VPS (from now on we call it VPS-01), which is in turn connected to an Openconnect server (VPS-02). Now, what I'm trying to do (and have been failing at) is to connect from another device (let's say my office computer) to the VPS with OpenWRT and have my traffic routed to the Openconnect server. Some sort of double-hop VPN.
The issue is that when I connect to VPS-01 (using Openconnect) it doesn't do anything. I get my own IP as if I were not connected to the VPS. When I connect to it with Shadowsocks, the IP changes (it shows as VPS-02's); however, it does not route DNS requests. Basically useless.

Here are my questions:
1- Is such a scenario even possible?
2- If yes, is what I've been doing the correct path, or, as per usual, am I dead wrong? And if it's the wrong path, what is the correct way to achieve it?

All the best.

Yes

It sounds correct, but you need to manipulate the routing with policy-based routing. You kind of want to forward everything that comes from the roadwarrior to VPS-2 via VPS-1, while packets to the roadwarrior should be using the regular uplink.

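One way to express that policy on VPS-01, as an added example that is not from this thread: traffic sourced from the roadwarrior subnet is sent into the OpenConnect client tunnel towards VPS-02 through a dedicated routing table, while everything else (including the encapsulated replies back to the roadwarrior) keeps following the main table and the regular WAN uplink. The subnet `192.0.2.0/24`, the tunnel interface `tun0`, table `100` and rule priority `1000` are assumed values; adjust them to your setup.

```shell
#!/bin/sh
# Policy-based routing on VPS-01 (OpenWrt) for the double-hop setup.
# Constructed/assumed values, not taken from the thread:
RW_NET="${RW_NET:-192.0.2.0/24}"   # subnet ocserv on VPS-01 hands out to roadwarriors
TUN_IF="${TUN_IF:-tun0}"           # openconnect client interface VPS-01 -> VPS-02
TABLE="${TABLE:-100}"              # dedicated routing table for roadwarrior traffic
PRIO="${PRIO:-1000}"               # rule priority (lower number is checked first)

# Execute a command, or only print it when DRY_RUN=1 (lets you review the plan first).
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

apply_pbr() {
    # Packets *to* the roadwarrior subnet (replies, client-to-client) must stay in the
    # main table, where the ocserv tunnel routes live; never push them into $TUN_IF.
    run ip rule add to "$RW_NET" lookup main priority "$PRIO"
    # Packets *from* the roadwarriors consult the dedicated table instead.
    run ip rule add from "$RW_NET" lookup "$TABLE" priority "$((PRIO + 1))"
    # That table holds a single default route into the OpenConnect tunnel;
    # point-to-point tun devices need no gateway address.
    run ip route replace default dev "$TUN_IF" table "$TABLE"
    run ip route flush cache
}

remove_pbr() {
    run ip rule del to "$RW_NET" lookup main priority "$PRIO"
    run ip rule del from "$RW_NET" lookup "$TABLE" priority "$((PRIO + 1))"
    run ip route flush table "$TABLE"
}

# VPS-02 only knows VPS-01's own tunnel address, so the roadwarrior subnet must
# additionally be masqueraded when it leaves $TUN_IF (OpenWrt firewall zone config).
case "${1:-}" in
    apply)  apply_pbr ;;
    remove) remove_pbr ;;
esac
```

Because the "from" rule also catches the roadwarriors' DNS queries, they follow the same path into VPS-02, which is the part the Shadowsocks attempt was missing.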