Posted: Sun Oct 11, 2015 18:47 Post subject: R7000> OpenVPN client and hosting servers
Hello,
I just set up my brand new R7000 with DD-WRT 24 and everything is running smoothly except for one thing. I can't reach the server I'm hosting when the OpenVPN client is on and I can't figure out why. When the OpenVPN client is off, my forwarding rules for ports 80 and 443 work fine. But as soon as I enable the OpenVPN client I can't reach my web server from outside anymore. Knowing my knowledge of iptables, I'm sure there is something I'm missing, but what?
Does someone have a clue about the situation?
Regards
Last edited by manthis on Fri Oct 16, 2015 12:50; edited 1 time in total
Even though this should be theoretically possible, the ARM processor would seriously limit your throughput on both sides, even on the R8000. I would recommend using a Raspberry Pi 2 or an equivalent device to set up this sort of setup.
Posted: Wed Oct 14, 2015 8:46 Post subject:
@Paint: It will be even slower on the RPi 2, as the network interface is connected via slow USB.
@manthis: I suspect the inbound forwarding is working, but the reply is routed through the VPN because the default route 0.0.0.0 is altered when the VPN connects.
Route the reply packets back out on the WAN interface.
Use Policy Based Routing, as the Destination Address is not known as in the Modem Configuration Case.
Test on the LAN IP address you have forwarded to and ports 80 and 443.
I suspected the same but had no idea how to fix the problem. Unfortunately I guess your links are way above my knowledge, since I have no idea what to start with and what to actually do.
I would just like a specific machine's traffic to be routed not through the VPN interface but through the regular WAN interface. Could someone with enough knowledge help me do that?
OK, what I did is enable policy-based routing for all my DHCP clients (192.168.1.224/27) in the OpenVPN client configuration. So now my server is reaching the WAN with my regular IP address and all my DHCP clients on network 192.168.1.224/27 are going out through my VPN.
I could have supposed I would be able to reach my server easily from outside now, but it's still not working. Does anyone have a clue on how to solve my problem?
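
An added example, not part of the thread and not written by its participants: one way to route reply packets back out the WAN as suggested above, by marking connections that arrive on the WAN and sending their replies through a routing table whose default route is the WAN gateway. The function only prints the commands for review; the interface names (`vlan2`, `br0`), the gateway, the server address, mark `0x1` and table `100` are assumptions to replace with your own values.

```shell
#!/bin/sh
# Added example: print (do not run) rules that send replies to WAN-originated
# connections back out the WAN instead of following the VPN default route.
MARK=0x1    # assumed unused connection/packet mark
TABLE=100   # assumed unused routing table number

# True only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: wan_reply_rules SERVER_IP WAN_IF WAN_GW [LAN_IF] [PORTS]
wan_reply_rules() {
    server=$1 wan_if=$2 wan_gw=$3 lan_if=${4:-br0} ports=${5:-80,443}
    # Reject anything that is not a plain address, name or port list, so the
    # printed commands are safe to review and paste.
    is_ipv4 "$server" || { echo "bad server IP" >&2; return 1; }
    is_ipv4 "$wan_gw" || { echo "bad WAN gateway" >&2; return 1; }
    case "$wan_if" in
        ''|*[!A-Za-z0-9._-]*) echo "bad WAN interface" >&2; return 1 ;;
    esac
    case "$lan_if$ports" in
        *[!A-Za-z0-9._,-]*) echo "bad LAN interface or ports" >&2; return 1 ;;
    esac
    # 1) Mark new inbound connections to the forwarded ports (seen before DNAT).
    # 2) Copy that mark onto the server's reply packets as they enter from the LAN.
    # 3) Marked packets use a table whose only default route is the WAN gateway.
    cat <<EOF
iptables -t mangle -A PREROUTING -i $wan_if -p tcp -m multiport --dports $ports -m conntrack --ctstate NEW -j CONNMARK --set-mark $MARK
iptables -t mangle -A PREROUTING -i $lan_if -s $server -m connmark --mark $MARK -j CONNMARK --restore-mark
ip route add default via $wan_gw dev $wan_if table $TABLE
ip rule add fwmark $MARK table $TABLE
ip route flush cache
EOF
}

# Constructed sample values: server 192.168.1.10 (outside the 192.168.1.224/27
# VPN range from the thread), WAN interface vlan2, gateway 203.0.113.1.
wan_reply_rules 192.168.1.10 vlan2 203.0.113.1
```

Whether the `multiport`, `conntrack` and `connmark`/`CONNMARK` iptables modules are available depends on the firmware build, so check that each printed rule is accepted before relying on it.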