Open VPN client routes

MystikIncarnate
DD-WRT Novice


Joined: 08 Jun 2012
Posts: 6

Posted: Mon Aug 20, 2012 2:03    Post subject: Open VPN client routes
Hello all,

I've tried to set up this config on several versions of dd-wrt to no avail. I'm just getting stuck on one final step.

I'm using a public OpenVPN to route traffic. I have no control over the server settings, so I can't change any of that. I am on the client side only.

I've configured the IPSec and everything and it works, which is great! But there's a problem. Mainly routing.

Basically, the client accepts the push routes from the server regardless of settings. Effectively, I want to be able to set up (preferably in the config) which routes to push through the VPN, and which to route locally through the WAN. Every time the VPN connects, it routes all packets through the remote VPN's Default Gateway, which is not what I want.

Is there a good way to get this done? I have some knowledge and skill with writing scripts, but I don't have the experience with OpenVPN running on Linux (never mind dd-wrt) to show me where I would define to run such a script. The script would effectively delete the default route to the remote network, and establish only the routes to the VPN that I wish. I tried using the "additional config" but to no avail, since there doesn't seem to be a way to delete a route from there.

Does anyone have any knowledge of the OpenVPN client for dd-wrt enough to embed a post-connect script that will fix my routing tables? I have no issues mounting jffs, and I have enough space to make it work.

Thanks in advance. :)
MystikIncarnate

Posted: Thu Aug 23, 2012 1:08
Never mind. I figured it out. For anyone searching for a way to change pushed routes in OpenVPN on dd-wrt, here's how I did it.

In Additional Configuration, add...

route-nopull

This will prevent the server from pushing routes onto your system.

Then add the routes you want using:

route network subnet

For example, if you wanted only to route to remote subnet 192.168.1.0/24 (or 255.255.255.0), you would add to additional config:

route-nopull
route 192.168.1.0 255.255.255.0

This will also work with internet routes, except you have to add "vpn_gateway" to the end, to tell your dd-wrt where to send the packets on the remote network. For example, if you wanted to route through the remote network only packets destined for 172.16.16.0/24, you would add:

route-nopull
route 172.16.16.0 255.255.255.0 vpn_gateway

to your Additional Configuration... This would reject any pushed routes, and add the route through the remote gateway to 172.16.16.0.

Not to put any ideas in anyone's head, but this may be handy for those looking to route through a VPN gateway to specific sites that may not work in their country.... just saying.

Enjoy, people. Makes me sad nobody could help me with this, but I would be irresponsible if I didn't come back and let those that may search after me know what the solution was.

Have a happy happy.
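
Added example (not part of the original posts): a shell check, run after the client connects, that the routing table really is the split tunnel described above, with no catch-all route into the VPN and the chosen subnet going through it. The tunnel device name tun1, the WAN device vlan2 and both sample tables are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `ip route` output after the OpenVPN client connects.
# TUN_DEV (assumed tun1) and both sample tables are constructed for illustration.
TUN_DEV="${TUN_DEV:-tun1}"

SAMPLE_PULLED='0.0.0.0/1 via 10.8.0.5 dev tun1
default via 203.0.113.1 dev vlan2
10.8.0.5 dev tun1 proto kernel scope link src 10.8.0.6
128.0.0.0/1 via 10.8.0.5 dev tun1'
SAMPLE_NOPULL='default via 203.0.113.1 dev vlan2
10.8.0.5 dev tun1 proto kernel scope link src 10.8.0.6
172.16.16.0/24 via 10.8.0.5 dev tun1'

# Print routes that send all traffic into the tunnel. A pushed
# "redirect-gateway def1" adds 0.0.0.0/1 and 128.0.0.0/1 rather than
# replacing "default", so all three prefixes are checked.
full_tunnel_routes() {
    awk -v dev="$TUN_DEV" '
        $1 == "default" || $1 == "0.0.0.0/1" || $1 == "128.0.0.0/1" {
            for (i = 2; i < NF; i++)
                if ($i == "dev" && $(i + 1) == dev) { print; break }
        }'
}

# Exit 0 if prefix $1 is routed through the tunnel device.
routed_via_tunnel() {
    awk -v dev="$TUN_DEV" -v want="$1" '
        $1 == want {
            for (i = 2; i < NF; i++)
                if ($i == "dev" && $(i + 1) == dev) found = 1
        }
        END { exit !found }'
}

# audit PREFIX: reads a routing table on stdin.
# Returns 0 = split tunnel as intended, 1 = full-tunnel route present,
# 2 = PREFIX is not routed via the tunnel.
audit() {
    table=$(cat)
    leaks=$(printf '%s\n' "$table" | full_tunnel_routes)
    if [ -n "$leaks" ]; then
        echo "FAIL: all traffic routed via $TUN_DEV:"; echo "$leaks"; return 1
    fi
    printf '%s\n' "$table" | routed_via_tunnel "$1" ||
        { echo "FAIL: $1 not routed via $TUN_DEV"; return 2; }
    echo "OK: only $1 uses $TUN_DEV"
}

printf '%s\n' "$SAMPLE_NOPULL" | audit 172.16.16.0/24   # on the router: ip route | audit ...
```

On the router, pipe the live table in with `ip route | audit 172.16.16.0/24`, after setting TUN_DEV to whatever device your build assigns to the client.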