What started as a simple/quick test turned into a week of learning, and I still can't get OpenWrt to do something which I'd think is the most basic VPN setup.
At this point, I'd much rather not go through the GUI; if possible, a CLI solution would be preferred.
The requirement is very, very simple: run openconnect (I've got a one-liner shell script that does that) to connect to a VPN server on the internet. From the moment that VPN is established, it should be fully routed to the LAN ports, but it is not.
The openconnect script is already there, and WORKS:
cat ./myp | openconnect -u user --script ./vpnc-script --no-proxy --servercert $CERT vpn.server-ip.com --passwd-on-stdin
This creates a tun0 interface; however, it is only routed/available when SSHing into the router.
Note: I had to use this vpnc-script: https://gitlab.com/openconnect/vpnc-scripts/raw/master/vpnc-script
The original script on the system, /lib/netifd/vpnc-script, did not work.
The need is to map the tun0 to all LAN ports (both ways). I've tried VPN route policy:
https://forum.openwrt.org/t/vpn-policy-based-routing-web-ui-discussion/10389
and many other GUI suggestions; however, no matter what, the VPN is created OK, but is only available from the router ports, not from the LAN ports.
If there is a set of CLI commands to run to get it to do that, that would be great. I'm a bit lost with the GUI and config files; it has a few "glitches" (I will not get into them, so as not to distract focus), like the inability to set up re-connect "timeouts/retries" for any created VPN "interface", so I'd much rather handle that logic in the CLI if possible. I just need to map the VPN to the LAN network... simple?
Thanks for any tips.
Stormy.