OpenWrt Forum Archive

Topic: Allow access to VPN pptp interface to LAN pcs

The content of this topic has been archived on 18 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi

Can somebody tell me what the correct configuration is to allow connecting to a listening port on a server inside my LAN through the PPTP VPN tunnel?

Currently I have the VPN tunnel connected to my OpenWrt Barrier Breaker 14.07 router, and at least I have ping using the static IP of the VPN.

Which config file do I need to check?

Scenario:

                 ---------------                                               ------------
WAN 180.X.X.X ---| openwrt-box |--- LAN 192.168.1.1/24 --- 192.168.1.105/24 ---|  Server  |
                 ---------------                             listen port 14000 ------------
                        |
                PPTP 172.X.X.X/32

I cannot connect from 172.X.X.X/32 to 192.168.1.105:14000,
nor from 172.X.X.X/32 to 192.168.1.1:22.

I only have PING after allowing echo-request in the firewall for the VPN zone
AND using this (routing packets back from the incoming pptp interface):

echo "1 vpn" >> /etc/iproute2/rt_tables
ip route add 172.X.X.X/32 dev pptp-vpn table vpn
ip route add default via 172.X.X.1 dev pptp-vpn table vpn
ip rule add from 172.X.X.X/32 table vpn
ip rule add to 172.X.X.X/32 table vpn
ip route flush cache


Maybe for now somebody can help and tell me how to connect 172.X.X.X/32 to 192.168.1.1:22.

(Last edited by jxtrem on 16 Nov 2017, 20:02)

You will also need firewall rules that allow forwarding the packets between the zones for any protocols you need/want,

or make the vpn zone part of the lan zone; that is what I do on mine.

(Last edited by WWTK on 16 Nov 2017, 23:48)

WWTK wrote:

You will also need firewall rules that allow forwarding the packets between the zones for any protocols you need/want,

or make the vpn zone part of the lan zone; that is what I do on mine.

I do this also

config zone
        option name 'vpn'
        option output 'ACCEPT'
        option network 'vpn'
        option input 'ACCEPT'
        option forward 'ACCEPT'
        option masq '1'

config forwarding
        option dest 'lan'
        option src 'vpn'

config forwarding
        option dest 'vpn'
        option src 'lan'

Doesn't work.

I only want to do this

https://i.snag.gy/XgcG9u.jpg

I want to keep the WAN as the default gateway of my LAN and ONLY use the PPTP gateway when the packets arrive from the PPTP itself, and these packets can access the LAN.

route command on the OpenWrt router:

https://i.snag.gy/LPJ0Iu.jpg

192.168.8.1 is the gateway to the LTE modem.

How can I make the vpn zone part of the lan zone?

(Last edited by jxtrem on 17 Nov 2017, 01:10)
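
Added example, not part of the original posts: the `vpn` zone posted above accepts all input and all forwarding and is joined to `lan` in both directions. A narrower /etc/config/firewall fragment that exposes only what this thread asks for (ping, SSH on the router, TCP 14000 on 192.168.1.105) could look like the following. The rule names are made up for illustration, and the fragment does not change how reply packets are routed.

```uci
# Added example: vpn zone with default-deny input and forward.
# Zone and network name 'vpn' and 'option masq' are kept from the posted config.
config zone
        option name 'vpn'
        option network 'vpn'
        option input 'REJECT'
        option output 'ACCEPT'
        option forward 'REJECT'
        option masq '1'

# Ping to the router from the tunnel (the echo-request rule mentioned in the first post).
config rule
        option name 'Allow-VPN-Ping'        # hypothetical rule name
        option src 'vpn'
        option proto 'icmp'
        option family 'ipv4'
        list icmp_type 'echo-request'
        option target 'ACCEPT'

# SSH to the router itself (192.168.1.1:22). No 'dest' option, so this is an input rule.
config rule
        option name 'Allow-VPN-SSH'         # hypothetical rule name
        option src 'vpn'
        option proto 'tcp'
        option dest_port '22'
        option target 'ACCEPT'

# Only the LAN server's listening port is reachable from the tunnel.
config rule
        option name 'Allow-VPN-Server'      # hypothetical rule name
        option src 'vpn'
        option dest 'lan'
        option dest_ip '192.168.1.105'
        option proto 'tcp'
        option dest_port '14000'
        option target 'ACCEPT'

# No 'config forwarding' sections between vpn and lan: replies to the
# connections allowed above are accepted by connection tracking.
```

Apply with `/etc/init.d/firewall restart`.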

I route everything through the vpn when I'm attached with:

push "redirect-gateway def1"

This may not work for you if you don't want internet traffic going through your vpn; for me it's exactly what I want, so it makes things simple and I can attach to all three of my networks.

WWTK wrote:

I route everything through the vpn when I'm attached with:

push "redirect-gateway def1"

This may not work for you if you don't want internet traffic going through your vpn; for me it's exactly what I want, so it makes things simple and I can attach to all three of my networks.

I see.

I only want to send traffic through the VPN when the incoming packets arrive from the VPN. All other cases can use the WAN interface.

Well yes, I don't mean traffic goes to the vpn from the router, just that everything from the vpn client goes through the router.

So, once the remote PC is on the vpn, all its traffic goes to the vpn server even though it has a local internet connection; the vpn client PC will send internet traffic through the vpn as well as traffic destined for networks hosted on the vpn router.

You can also modify the push to only push the routes you want going to the vpn.

Mmm xD I don't know how to use this push "redirect-gateway def1". I will research.

On the other hand, I know that if I create a static route for a known IP coming in through the VPN tunnel, the connection to the server is established successfully, BUT I cannot create infinite static routes for all unknown IPs LOL.
For example:

https://i.snag.gy/xBJKze.jpg

(Last edited by jxtrem on 17 Nov 2017, 01:36)

WWTK wrote:

Yes, but the routes must get pushed to the client: either route all traffic, or push individual routes, only the ones you wish to reach on the vpn router.

This may help:

https://openvpn.net/index.php/open-sour … howto.html

Oh!! Thanks, but I don't have OpenVPN.

I think I will leave my project xD

The discussion might have continued from here.