Thank you for all the help with my previous topic, where you helped me create a masqueraded private network with my dual band repeater. For those interested, look here.
Right now my setup is as follows:
Private Wifi Network <-- 5 GHz --> RE450 Repeater <-- 2.4 GHz --> Main Router w/ Internet Access
My goal is to have all internet traffic originating from the Private Wifi Network pass through a VPN tunnel.
Many guides exist to achieve the same, but most of them are written with a single band router in mind. Personally, I wanted to be able to switch the VPN on/off easily (without SSH) using the LuCI UI, so I chose to follow this guide.
However, again since the guide is made with single band routers in mind, he mentions that the firewall forwarding settings should be like:
    config zone
        option name 'VPN_FW'
        other options

    config forwarding
        option dest 'VPN_FW'
        option src 'lan'
Since I am using a dual band radio, I already have the following forwarding settings in my firewall:
    config forwarding
        option src 'lan'
        option dest 'wan'
I tried adding two forwarding configs such that it forwards from lan -> VPN_FW -> wan, but that did not work. My non-working forwarding config looked as follows:
    config forwarding
        option src 'lan'
        other dest 'VPN_FW'

    config forwarding
        option src 'VPN_FW'
        option src 'wan'
Would appreciate if anyone could help me with the correct firewall settings to achieve this.