Hi there,
I've recently got new hardware: an ASUS RT-N66U running Chaos Calmer 15.05.1.
I'm not a pro in networking and routing, and after reading tons of guides, I'm totally confused.
That's why I'm here, asking you for help. I will appreciate any piece of advice!
So, my current setup looks like:
------------ISP------------
             |
=========ASUS RT-N66U-=====
             |
OpenVpn Client (default setup, which routes all traffic)
    |                  |             |
TPLINK (for WiFi)   client1(eth)  client2(eth)
    |
clients ( 3,4...)
Question #1: "How could I set up target routing?" (for example: client1 to VPN, client2 to ISP)
Unfortunately, I need to say that I'm a total noob in iptables... and I can't find any OpenVPN GUI for Chaos Calmer...
Question #2: "How could I set up the SSH tunnel for a specific client?" (something like OpenSSH >> SOCKS >> route client to SOCKS >> client appears at SSH server network >>> profit)
I really hope for your help, community!
My configs:
network
config switch 'eth0'
    option name 'eth0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'eth0'
    option vlan '1'
    option ports '1 2 3 4 8t'

config switch_vlan
    option device 'eth0'
    option vlan '2'
    option ports '0 8t'

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config interface 'lan'
    option force_link '1'
    option proto 'static'
    option netmask '255.255.255.0'
    option ifname 'eth0.1'
    option ipaddr '192.168.21.1'
    option delegate '0'
    option dns '4.2.2.1 8.0.31.0'

config interface 'wan'
    option ifname 'eth0.2'
    option proto 'pppoe'
    option username 'XXXXXXXX'
    option password 'XXXXXXXX'
    option delegate '0'

config interface 'vpn0'
    option ifname 'tun0'
    option proto 'none'
    option delegate '0'
    option auto '1'

firewall
config defaults
    option syn_flood '1'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'REJECT'

config zone
    option name 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option network 'lan'
    option forward 'REJECT'

config zone
    option name 'wan'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'
    option masq '1'
    option mtu_fix '1'
    option network 'wan wan6 wwan'

config rule
    option name 'Allow-DHCP-Renew'
    option src 'wan'
    option proto 'udp'
    option dest_port '68'
    option target 'ACCEPT'
    option family 'ipv4'

config rule
    option name 'Allow-Ping'
    option src 'wan'
    option proto 'icmp'
    option icmp_type 'echo-request'
    option family 'ipv4'
    option target 'ACCEPT'

config rule
    option name 'Allow-IGMP'
    option src 'wan'
    option proto 'igmp'
    option family 'ipv4'
    option target 'ACCEPT'

config include
    option path '/etc/firewall.user'

config rule
    option src 'wan'
    option dest 'lan'
    option proto 'esp'
    option target 'ACCEPT'

config rule
    option src 'wan'
    option dest 'lan'
    option dest_port '500'
    option proto 'udp'
    option target 'ACCEPT'

config forwarding
    option dest 'wan'
    option src 'lan'

config zone
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'ACCEPT'
    option masq '1'
    option network 'vpn0'
    option name 'openvpn'

config forwarding
    option dest 'lan'
    option src 'openvpn'

config forwarding
    option dest 'openvpn'
    option src 'lan'