OpenVPN with two LAN interfaces

I'm using OpenWRT 22.03.2.

I installed the OpenVPN client and added a config file that should work with my VPN host. The difficult part is that I have two LANs. I want one to be on the VPN (LAN2) and the other not (LAN1).

In order to route LAN2 to the tunnel, I set up the default gateway for tun0 on a separate routing table. I had to add a rule to use that table on the LAN2 interface.

I have it partially working. When I use a computer on LAN2, I can access the Internet via the VPN. However, port forwards don't work. I can't figure out why. I suspect it has something to do with the additional routing table.

When I run tcpdump on tun0 I can see requests incoming to the IP address provided by the VPN host. They don't get to the LAN2 interface, though.

How can I diagnose this? Shouldn't port forwarding work?

First of all, do you see the replies ingress on LAN2?

I don't see the replies on LAN2. It's like the port forwards aren't being applied at all.

If the port forwarding is correct, then the packet will get forwarded to the host in LAN2. If you don't see any reply ingress in LAN2 it might as well be a problem on the host.

Please run the following commands (copy-paste the whole block) and paste the output here, using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have.

ubus call system board; \
uci export network; \
uci export dhcp; uci export firewall; \
nft list ruleset; \
ip -4 addr ; ip -4 ro li tab all ; ip -4 ru; \
ls -l  /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/* ; head -n -0 /etc/resolv.* /tmp/resolv.* /tmp/resolv.*/*

Thanks. Maybe I am doing something that is conflicting. I'll run those commands and collect the output. I had to revert to the old configuration but I will get some other hardware to test on. There may also be a window of downtime where I can take down the primary network long enough to test.