Send some LAN traffic over OpenVPN tunnel, other traffic direct

perdrix · June 3, 2017, 1:05am

I've just put OpenVPN onto a BT HOMEHUB 5A router.

What I want to do is quite like https://lede-project.org/docs/howto/openvpn.client, which AFAICT sends ALL the LAN traffic via the OpenVPN tunnel.

For some of the devices on the LAN, I don't want this to happen, I want their traffic to be NATed out via the normal wan port. I'd prefer to do this based on their MAC address, but can give them static IPs if that's easier.

If possible, I'd also like some sort of "kill switch" so that if the VPN tunnel drops, then traffic that should have gone via the tunnel will be blocked immediately.

I'm never messed with the firewall/routing stuff in LEDE before, so be kind please ...

Thanks lots
Dave

perdrix · June 4, 2017, 4:12pm

I found the Policy based routing package which looks like it should do it for me.

Dave

DannyPM · November 21, 2017, 8:08am

Hi @perdrix, how far have you gone with the "Kill Switch"? What package are you referring to? Has it done the job?

Thanks

perdrix · November 21, 2017, 10:36am

Found the HH5 was way too slow with VPN, so changed router and also the firmware, so never did investigate further.