Posted: Sat Aug 09, 2014 19:05 Post subject: OpenVPN for specific host(s) on LAN?
I would like to run the OpenVPN client on my DD-WRT router, and have the traffic from a specific host or hosts on my LAN go through the VPN. Traffic from the other hosts would not pass through the VPN.
I cannot install an OpenVPN client on the specific host because it is an embedded device that is not open for new software. Therefore, I would like to install the VPN client on the router (DD-WRT v24-sp2 std-usb-nas on Linksys E4200). The OpenVPN server would be provided by a service like IPvanish.
Is there a configuration to route only a specific host's traffic through the OpenVPN tunnel?
I'm quite a n00b, so I'm just guessing that my question is related to the OP's question.
I will soon receive my TP-Link WR1045ND v1.8 router with dd-wrt installed on it (I believe the latest version).
I have two PCs connected to the router and for both I'm using openVPN with the EarthVPN service. Is it possible to configure the router so that only the two PCs' traffic (both have a fixed IP on the local net) uses the openVPN connection, while all the other devices connecting to the router access the internet directly, not through openVPN (other computers on the LAN, and all the wifi devices)?
EDIT: to make it simple:
IP: 192.168.1.103 and 192.168.1.104 all the traffic over openVPN, and all the other assigned fixed or DHCP IPs direct access to the internet.
If yes, can you please link me a tutorial for this or give me a hint how to start?
Since it is quite an advanced configuration, I would like to ask for your help. I can set up the openVPN client, but please help me with the policy based routing. I have read a lot about it, and there are things I'm not sure about.
I would like to have only the following two IPs go through openVPN:
192.168.1.103
192.168.1.104
All the other IPs (including the GUI, 192.168.1.1) should NOT use the VPN but access my ISP directly.
What should I enter into the Policy Based Routing and in what form?
I would not like to lock myself out from the router GUI, etc.
I didn't use it myself, so I cannot give you further information, but this is what you are looking for.
_________________
RT-N66U @ Build 25697M K3.10.63
TL-WR842ND v1 @ BS-build 23919 WDS AP
TL-WR841ND @ BS-build 23919 WDS Client
TL-WR841ND @ BS-build 23919 Client Bridge ( Routed )
I finally managed to configure everything and it looks like it is fully working.
I managed to configure the openVPN client with the provider I have a subscription with.
To add only a specific device that goes through the VPN connection, you need to add the IP or the range into Policy Based Routing.
So in my case:
192.168.1.103/32 and 192.168.1.104/32
Watch out for the /32: if you add only a single IP address, you need to put /32.
Also, forward the UDP (or TCP) port of the VPN connection to the IP you wish to use the VPN (in my case 192.168.1.103 and 192.168.1.104), otherwise the firewall would block access.
This is very good, as now I can redirect traffic from all kinds of devices through the VPN.
Just assign a fixed IP to the device, and here you go.
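What the two Policy Based Routing entries in the post above amount to as Linux source-based routing, as an added example that is not from the thread and is not DD-WRT's own script. It only prints the iproute2 commands. The function names, routing table 10 and the mapping from the GUI field to these commands are assumptions; `tun1` and 192.168.1.1 are taken from the thread.

```shell
#!/bin/sh
# Added example: prints the iproute2 commands for source-based VPN routing.
# Assumed values: tunnel tun1, routing table 10, router at 192.168.1.1.
TUN_IF=tun1
TABLE=10
ROUTER_IP=192.168.1.1

# ip_to_int A.B.C.D: print the address as an integer, fail if malformed.
ip_to_int() {
    case "$1" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# covers NET/LEN IP: succeed when IP lies inside NET/LEN.
covers() {
    net=$(ip_to_int "${1%/*}") || return 1
    host=$(ip_to_int "$2") || return 1
    mask=$(( (4294967295 << (32 - ${1#*/})) & 4294967295 ))
    [ $(( net & mask )) -eq $(( host & mask )) ]
}

# pbr_commands ENTRY...: validate the entries, then print the commands.
pbr_commands() {
    for entry in "$@"; do
        case "$entry" in
            */*) len=${entry#*/} ;;
            *) echo "rejected $entry: add a prefix length (/32 for one host)" >&2; return 1 ;;
        esac
        case "$len" in ""|*[!0-9]*) echo "rejected $entry: bad prefix" >&2; return 1 ;; esac
        [ "$len" -le 32 ] || { echo "rejected $entry: bad prefix" >&2; return 1; }
        ip_to_int "${entry%/*}" >/dev/null || { echo "rejected $entry: bad address" >&2; return 1; }
        if covers "$entry" "$ROUTER_IP"; then
            echo "rejected $entry: would also route the router ($ROUTER_IP) via VPN" >&2; return 1
        fi
    done
    echo "ip route add default dev $TUN_IF table $TABLE"   # VPN-only default route
    for entry in "$@"; do
        echo "ip rule add from $entry table $TABLE"        # listed sources use it
    done
}

pbr_commands 192.168.1.103/32 192.168.1.104/32
```

An entry such as 192.168.1.0/24 is refused because it contains the router's own address, which the earlier post wanted kept off the VPN.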
I want to do the same thing you're doing, except I want to send all traffic from 192.168.1.103/32 over the openvpn tun1 interface except for ports 80 and 443. Any direction on how to do that? I have found examples but can't get any to work just right.