OpenWrt, DDNS + OpenVPN Client + OpenVPN Server/Wireguard Server

Good Morning Everyone:

My name is Rod and I am very much new to OpenWRT. I have a little bit of a networking background, but mainly with enterprise-grade firewalls (Palo Alto/Cisco ASA/Untangle). I started tinkering around with OpenWRT a few days ago just to give my parents' old router an upgrade. I want to remotely manage the router for my parents. I installed DDNS and configured OpenVPN with my NordVPN account, and it works fine: the whole network is covered by the VPN, but the DDNS clients keep using the OpenVPN IP, and obviously that means I cannot VPN into the router to administer it. I set up OpenVPN Server, and when I turn off the client it works fine, as I can get the ISP IP for DDNS. I read about VPN Policy Routing, but that doesn't seem to work for me. I know the concept of split tunneling, and on the more advanced firewalls the features are more built out. Like in Untangle, you can dial in the rules for the tunnel you have; I have only a few PCs on my network going through that tunnel, and my DDNS client is using my ISP IP, not the tunnel's. I am sure it's probably just something small I'm missing. I tried to implement a rule in the vpn-policy-routing app on OpenWRT, but that doesn't seem to work, so I'm here reaching out. Maybe my experience with enterprise firewalls is clouding something; I am open to that possibility. Sorry if I am bringing up an old subject.

In the advanced settings, you can specify the interface to use as basis for the IP lookup.

You can disable gateway redirection for the router itself.
And create an explicit policy to route the LAN subnet to the VPN.
https://openwrt.org/docs/guide-user/network/routing/pbr_app

Thank you, that worked. I put the line pull-filter ignore "redirect-gateway" in the .ovpn file and it works like a charm.

You can also take a DNS leak test to make sure it is configured correctly.
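The following is an added example, not code from the thread or from OpenVPN: a small Python model of how the `pull-filter ignore "redirect-gateway"` line mentioned above treats options pushed by the server. It follows the rule documented in the OpenVPN manual (prefix match, first matching filter wins, unmatched options accepted). The profile lines, addresses and function names are constructed for illustration.

```python
import shlex

# Constructed client profile (only the directives that matter here).
PROFILE = '''
client
dev tun
# keep the default route of the router on the WAN
pull-filter ignore "redirect-gateway"
'''

# Constructed options, as a server might push them in its PUSH_REPLY.
PUSHED = [
    "redirect-gateway def1",
    "dhcp-option DNS 10.8.0.1",
    "route-gateway 10.8.0.1",
    "ifconfig 10.8.0.2 255.255.255.0",
]


def parse_pull_filters(profile):
    """Return [(action, text), ...] in the order the profile lists them."""
    filters = []
    for line in profile.splitlines():
        tokens = shlex.split(line, comments=True)
        if len(tokens) == 3 and tokens[0] == "pull-filter":
            if tokens[1] not in ("accept", "ignore", "reject"):
                raise ValueError(f"bad pull-filter action: {tokens[1]}")
            filters.append((tokens[1], tokens[2]))
    return filters


def apply_pull_filters(filters, pushed):
    """Prefix match, first matching filter wins, unmatched options are
    accepted. Returns (accepted, ignored)."""
    accepted, ignored = [], []
    for option in pushed:
        action = next((a for a, text in filters if option.startswith(text)), "accept")
        if action == "reject":
            # OpenVPN treats a rejected option as an error and restarts.
            raise RuntimeError(f"server pushed rejected option: {option}")
        (accepted if action == "accept" else ignored).append(option)
    return accepted, ignored


if __name__ == "__main__":
    # Compare the filter from the thread with a broader prefix.
    for text in ("redirect-gateway", "route"):
        kept, dropped = apply_pull_filters([("ignore", text)], PUSHED)
        print(f"ignore {text!r}: dropped {dropped}")
```

Only the pushed default-route redirection is dropped; everything else the server pushes, DNS options included, is still accepted. Because matching is by prefix, a shorter filter text such as `route` removes a different set of options than intended.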