Hi,
I have what seems to be a common use-case around here:
- I have a single device on my network that I would like to route through VPN
- If the VPN goes down for any reason, I want that device disconnected from the internet entirely
I can't get the killswitch to work.
I am primarily using LuCI for my configuration. So I installed the LuCI OpenVPN and the LuCI PBR software. Prior to configuring PBR, I had my entire network running through the VPN without trouble. I then added 'pull-filter ignore "redirect-gateway"' to my .ovpn file and added a special rule in PBR to state that only one particular device should be routed through the VPN. This seemed to work wonderfully. However, when I came to test the killswitch by disabling the OpenVPN instance, that device simply reverted to being routed straight to the internet (exposing the IP address).
I have "Strict enforcement" enabled in my PBR settings; I thought this was supposed to stop that device from being routed in any way other than what was specified in PBR. Am I misunderstanding something?
I am not much of a networking guy, sorry if I have said something stupid.