Posted: Tue Oct 27, 2020 21:02 Post subject: vpn limited to specific ip(4) adress or range.
Hey guys/girls, i have a tp-link wr1043nd v3 with DD-wrt build r40559. the vpn is surfshark and i have it set it up following the configuration on the surfshark vpn site which was easy and functional.
but this works for my entire network, now i was wondering if it is possible (and if, how) to limit the vpn funcionality to a ip-adress or a specific ip-range. Either would be oke.
i tried to look for an answer (which i assume to be already on here) but i got thousands of unrelated answers no matter what filters i tried to use.
for the moment it is a bit complicated to understand what is written there.. so i am going to dive in and come back on the topic at a later stage.
@alozaros.
I already have the dd-wrt running as well as the vpn so i am not sure what these two links should do for me, but maybe i will understand at a later stage. thanks for your reply anyways.
thanks for your reply, actually i did read it, specially point 8.
so i have these 2 questions to try to understand things properly.
should/can i assume that a newer build is always better (better being more stable)? Generally this is the intention but it also fails and for now this build seems pretty stable (allthough there is room for improvement) more stable then my older dd-wrt version (older then the one from the database) which i then (long time ago) didn't download from the database, following point 8. Ofcourse i since then updated to the newest version (r44700), but for me new isn't the issue, stability is! so basicallly anything from r41174 should do, right?
secondly, as i feel that my initial question had nothing to do with stability problems, just on information on how to set my router / vpn up in a matter that i can use the vpn on only one ip-adress only or a ip-range. Since i don't know how to do that, i really didn't made any attempts, hence i didn't run into any problems to solve, except my own ignorence on the topic on the topic.
hope this makes some sence..
Kind greatings
Matthieu
PS: am diving into understanding the Policy Based Routing guide for DDWRT thread.
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Sun Nov 01, 2020 16:39 Post subject:
No problem we are here to help
There is no such a thing as a stable build all builds are beta.
One thing you should not do is use the router database.
Normally use one of the last builds, look at the build threads and if you do not see any showstoppers then use one of those.
You already have a link for the Policy Based Routing guide which is the one to use, it is actually very simply set the IP addresses of the clients you want to use the VPN in the PBR box use CIDR as outlined.
There are some caveats mainly DNS but that is also discussed
thank you all for your replies, i finally got it all up and running and indeed it was quite a simple setup knowing what i know now.
Unfortunately, although it now does exactly what i asked and hoped for it created another problem that i overlooked.
i have a network with:
DD-wrt (r44700) openvpn
- nas (asustor) running plex server and deluge
- Smart TV
- ed.
so i want deluge to run behind a vpn, but the rest of my network not (slowing down, specifically streaming netflix) and if i do i can run that locally.
so i thought to run only the vpn on the nas ip, which worked, but then the smart tv doesn't see the plex server anymore. so although it works it is kinda useless.
i looked into setting up openvpn within the deluge program but i don't see an option there.
but that no longer has anything to do with dd-wrt so i will look into that and not bother you with that.
another option i thought of to just run the vpn to the nas ip only for the ports that deluge uses, maybe that would work.
any visions on that?
anyway.. there has to be a solution, just need to find the right / best way of accomplishing that.
kind regards
Matthieu
ps: (found out i am also running an old deluge version and not running docker-ce, so i will first update that too and see how that works and then go from there).