OpenWrt Forum Archive

Topic: route specific clients through specific openvpn tunnels

The content of this topic has been archived on 19 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi, I'm struggling to work out how best to achieve this. Basically I want to run:
an OpenVPN server for in and out traffic when I am out and about,
an OpenVPN client to America that two devices on my internal network solely communicate through,
and another OpenVPN client to Europe that another internal device talks solely through.
Then the remaining clients on my internal network just hit the external WAN as normal.

I have my VPN server working OK, and both the client VPN connections working as and when I switch them on.
So I assume it's just a matter of telling specific clients to talk through specific interfaces, and if that interface goes down, stop talking.

Can anyone suggest the best solution to achieve this? Do I set up a new interface and put them on it somehow, then route that through the VPN interface? A different DHCP scope? Or do I need to set up mwan3? If so, any pointers?

Any suggestions will help, thanks.

(Last edited by marktomlinson32 on 10 Feb 2017, 06:50)

I've written a package just for that: https://forum.openwrt.org/viewtopic.php?id=69719

I hadn't thought anyone would be using more than 1 OpenVPN tunnel though, so you can modify the code/config to have 2 different OpenVPN tables instead of just 1.

Thanks for the reply. OK, so to understand: you are saying just use this package (not the VPN bypass one as well), then amend it to accommodate two VPN routes and then set policies accordingly.

Also, before I install, what config files does this interact with? As in, what do I need to back up before I install in case I have to revert?

(Last edited by marktomlinson32 on 10 Feb 2017, 09:34)

Use mwan3; the OpenVPN interface will be treated as a regular WAN interface.

remlei wrote:

Use mwan3; the OpenVPN interface will be treated as a regular WAN interface.

mwan3 doesn't seem to like OpenVPN tuns, as it can't see the interface as online even though it is and you can ping -I through it.

I've updated openvpn-policy-routing to version 3.0 which now supports multiple OpenVPN tunnels.

It uses its own config file (/etc/config/openvpn-policy-routing), which luci-app-openvpn-policy-routing modifies.

If you're not satisfied with it, just make sure to run /etc/init.d/openvpn-policy-routing stop (or stop service using Web UI) and uninstall openvpn-policy-routing and luci-app-openvpn-policy-routing.

If you have any additional questions on openvpn-policy-routing -- please post them in the thread I linked above.
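
The setup asked about at the top of the thread (specific clients pinned to specific tunnels, with no fallback to the WAN when a tunnel is down) can be expressed in iproute2 policy routing with one table per tunnel. The script below is an added example, not part of any post here and not the code of openvpn-policy-routing or mwan3; the client addresses, tun names, table ids, priorities and function names are all assumptions.

```shell
#!/bin/sh
# Added example; not code from openvpn-policy-routing or mwan3.
# Prints (does not run) iproute2 commands that pin LAN clients to OpenVPN
# tunnels and fail closed. Addresses, tun names, table ids are constructed.
# Assumes the tunnels do not install their own default route in table main.

# One policy per line: <client-ipv4> <tun-device> <routing-table-id>
SAMPLE_POLICY='192.168.1.10 tun1 101
192.168.1.11 tun1 101
192.168.1.20 tun2 102'

# Shape check only (dotted digits, tunN, numeric id). The output is meant to
# be run as root, so nothing else may reach the emitted command lines.
valid_fields() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; *.*.*.*) ;; *) return 1 ;; esac
    case "$2" in tun*[!0-9]*) return 1 ;; tun[0-9]*) ;; *) return 1 ;; esac
    case "$3" in ''|*[!0-9]*) return 1 ;; esac
}

# Reads policy lines on stdin, prints commands; non-zero status on bad input.
gen_policy_cmds() {
    seen=' '; prio=1000
    while read -r ip dev table; do
        [ -n "$ip" ] || continue
        valid_fields "$ip" "$dev" "$table" ||
            { echo "rejected: $ip $dev $table" >&2; return 1; }
        case "$seen" in
            *" $table:$dev "*) ;;   # routes for this table already printed
            *" $table:"*)
                echo "table $table already bound to another tunnel" >&2
                return 1 ;;
            *)
                # Default via the tunnel plus a worse-metric unreachable
                # default. When the tunnel drops, its route disappears and
                # the lookup ends here instead of falling through to main.
                echo "ip route replace default dev $dev table $table metric 10"
                echo "ip route replace unreachable default table $table metric 1000"
                seen="$seen$table:$dev " ;;
        esac
        # Rules below priority 32766 are consulted before table main.
        echo "ip rule add from $ip lookup $table priority $prio"
        prio=$((prio + 1))
    done
}

# Stand-alone run: show the commands for the constructed sample policy.
printf '%s\n' "$SAMPLE_POLICY" | gen_policy_cmds
```

Capture the output and run it only when the function exits 0. The tunnel default has to be re-added from the tunnel's up hook, since the kernel drops that route with the interface while the unreachable route stays in place.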

Replied to your thread, thanks :)

marktomlinson32 wrote:
remlei wrote:

Use mwan3; the OpenVPN interface will be treated as a regular WAN interface.

mwan3 doesn't seem to like OpenVPN tuns, as it can't see the interface as online even though it is and you can ping -I through it.

Well, that's weird. I'm using mwan3 with 2 OpenVPN interfaces (1 connected through my company's VPN and 1 for a VPN service out there) and both of them work fine, with 1 exception: my company's VPN doesn't allow ICMP, so I disabled monitoring on that interface and it was always up. Also, monitoring an OpenVPN interface is pointless, since OpenVPN itself can handle that; it can bring the interface up or down on its own, and it doesn't require any kind of monitoring.

(Last edited by remlei on 11 Feb 2017, 08:32)

remlei wrote:
marktomlinson32 wrote:
remlei wrote:

Use mwan3; the OpenVPN interface will be treated as a regular WAN interface.

mwan3 doesn't seem to like OpenVPN tuns, as it can't see the interface as online even though it is and you can ping -I through it.

Well, that's weird. I'm using mwan3 with 2 OpenVPN interfaces (1 connected through my company's VPN and 1 for a VPN service out there) and both of them work fine, with 1 exception: my company's VPN doesn't allow ICMP, so I disabled monitoring on that interface and it was always up. Also, monitoring an OpenVPN interface is pointless, since OpenVPN itself can handle that; it can bring the interface up or down on its own, and it doesn't require any kind of monitoring.

The interfaces are up, as I can ping -I tun(X) www.google.com.
mwan3 just sees them as offline (and that changes from unknown to offline once you start the tunnel, so it is seeing something).

I am running this build
https://forum.openwrt.org/viewtopic.php?id=50914

Following this guide
https://www.leowkahman.com/2016/06/19/c … stname-ip/

and I believe I am getting this issue
https://github.com/openwrt/packages/issues/3486

Any ideas?

^Go to diagnostics and set it up. Otherwise, if it's still down, you probably missed something in the configuration regarding the interfaces; that means each interface must have its own metric value.
