Setting up a dedicated VPN VLAN

tmomas · October 17, 2019, 1:38pm

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.

trendy · October 17, 2019, 2:42pm

Just like you have it here.

heyho · October 18, 2019, 5:26am

Trendy.

Thanks for all your help. Just quite get the syntax right to be able to filer only 192.168.0.x through the VPN but I will keep on trying over the coming days.

Problem is I have most the time when i am accessing it remotely and I keep on stopping my dynamic dns connection lol

heyho · October 18, 2019, 10:09am

I still not getting this. And it is starting to annoy, me as it must be a logical thing as Mt Spock said (or my age).

So my OpenVPN is all setup without traffic going through it I have three interfaces - LAN, WAN and VPN and three zones - lan (lan -> wan+VPNZone), wan and VPNZone. I also tried setting up a traffic rule within Luci that takes 192.168.0.3 ip address in lan and sends it to VPNZone.

What am I missing.

By the way invoking:

config rule
        option in 'lan'
        option src '192.168.0.3'
        option lookup '100'

config route
        option interface ''VPN"
        option target '0.0.0.0'
        option netmask '0.0.0.0'
        option metric '200'
        option table '100'

seems to send all traffic i.e. I lose remote connection

trendy · October 18, 2019, 10:50am

Try with 192.168.0.3/32

This is case sensitive, so make sure you have interface VPN and not vpn. Also use ' instead of " (although I've seen them both).

If you still have issues post here the following:
uci show network ; ip -4 addr ; ip -4 ro ; ip -4 ru ; iptables-save

heyho · October 18, 2019, 12:02pm

SORTED!

The following works

config rule
        option in 'lan'
        option src '192.168.0.13/32'
        option lookup '100'

config route
        option interface 'VPN'
        option target '0.0.0.0'
        option netmask '0.0.0.0'
        option metric '200'
        option table '100'

Many thanks. I have learnt a lot on the way

heyho · October 19, 2019, 12:47pm

Just a little footnote (and which I suppose makes sense). I tidied all my config up including recreating the OpenVPN instance the same as the interface i.e. VPN.

This stopped the VPN working so I recreated then OpenVPN instance with another name and it was ok again.

Just posted for reference

system · October 29, 2019, 12:47pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.