Posted: Wed May 23, 2012 9:13 Post subject: Route through openvpn based on source ip
Hello!
I have been setting up my home network lately, and almost everything is working perfectly now.
I'm using a WRT54GL with V24 SP1.
I have two subnets, 192.168.1.0/24 and 192.168.11.0/24.
192.168.11.0/24 is separated from the other subnets; it only has internet access, and everything is working fine. I have set up a port on the switch for vlan11, and attached vlan11 to the bridge br1 that is configured with IP 192.168.11.1.
I also have an OpenVPN connection to a server on the internet, and I can ping the server's VPN address (10.50.0.1) when the connection is up.
Now I want to route traffic from my subnet 192.168.11.0/24 through the VPN connection before it reaches the internet.
I have tried the following commands that I found on the internet:
Quote:
ip rule add from [source IP]/[netmask] table 200
ip route add default via [gateway] dev [interface] table 200
ip route flush cache
So for my network I ran:
Quote:
ip rule add from 192.168.11.0/24 table 200
ip route add default via 10.50.0.1 dev tap0 table 200
ip route flush cache
But all that happens is that the clients on that subnet lose the connection to the internet.
I have a tcpdump on the VPN server, and I can't see any traffic being sent to it.
I'm a network newbie, and I have already spent three days trying to get this to work, and the girlfriend is starting to be annoyed with me just sitting in front of the computer when I come home from work. I need some help!
Trying the same thing ... the QUESTION is whether the DD-WRT kernel is compiled with the "IP: advanced router" and "IP: policy routing" features?!
If you do lose connection then at least it does something. When I telnet into the router I cannot get any of the IP commands to show anything ... bringing up the question of whether the features are fully implemented.
Does anyone know?
I asked myself the same question.
Sometimes it works ... sometimes it doesn't ... I have yet to find out the reason.
Which ip command do you use?
The one from /opt/.. or the one from /usr/..?
_________________
my dd-wrt configuration:
http://www.dd-wrt.com/phpBB2/viewtopic.php?p=682296
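Added example (not part of any post in this thread): a shell check for the two pieces that the commands quoted in the first post set up, a rule selecting table 200 for 192.168.11.0/24 and a default route inside that table. It takes the text printed by `ip rule show` and `ip route show table 200` as arguments; the function name, return codes and sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit policy routing from captured command output.
# Usage: check_policy_route SRC TABLE RULES ROUTES
#   RULES  = text printed by `ip rule show`
#   ROUTES = text printed by `ip route show table TABLE`
# Returns: 0 ok, 1 no rule output at all, 2 no rule for SRC -> TABLE,
#          3 TABLE has no default route.
check_policy_route() {
    src=$1; table=$2; rules=$3; routes=$4

    if [ -z "$rules" ]; then
        echo "no output from 'ip rule show': check which ip binary runs and kernel policy-routing support"
        return 1
    fi

    # A matching rule line looks like: "32765: from 192.168.11.0/24 lookup 200"
    printf '%s\n' "$rules" | awk -v s="$src" -v t="$table" '
        { from = ""; tbl = ""
          for (i = 1; i < NF; i++) {
              if ($i == "from")   from = $(i + 1)
              if ($i == "lookup") tbl  = $(i + 1)
          }
          if (from == s && tbl == t) ok = 1 }
        END { exit (ok ? 0 : 1) }' || {
        echo "no rule sends traffic from $src to table $table"
        return 2
    }

    # The table needs its own default route, e.g. "default via 10.50.0.1 dev tap0"
    dev=$(printf '%s\n' "$routes" | awk '
        $1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }')
    if [ -z "$dev" ]; then
        echo "table $table has no default route"
        return 3
    fi

    echo "ok: $src -> table $table -> default route on $dev"
    return 0
}

# Constructed sample output matching the addresses used in the first post.
SAMPLE_RULES='0: from all lookup local
32765: from 192.168.11.0/24 lookup 200
32766: from all lookup main
32767: from all lookup default'
SAMPLE_ROUTES='default via 10.50.0.1 dev tap0'

check_policy_route 192.168.11.0/24 200 "$SAMPLE_RULES" "$SAMPLE_ROUTES"
```

On the router itself the last two arguments would be "$(ip rule show)" and "$(ip route show table 200)".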