[flakie]

Hi

I am a newbie to dd-wrt and have zero linux experience.
I have just bought and configured a Linksys WRT1900ACS with dd-wrt and the vpn client.
It all works perfectly and am very impressed.

What I would love to do is configure it so just the wifi uses the vpn client and anything plugged in via ethernet does not. Alternatively specific ip addresses do not use the vpn client.

Is anything like this possible?

Many thanks

[spuriousoffspring]

Check out Policy Based Routing. You can specify what devices on your network use the VPN Tunnel via IP Address.
*Whatever IP you put in the box will use VPN while all others do not

Located in Services Tab - VPN Sub Tab.

https://www.dd-wrt.com/wiki/index.php/Policy_Based_Routing

[flakie]

[spuriousoffspring]

No need to apologize! I’m still a novice at most of this. No one starts as an expert.

I haven’t used PBR in awhile, but I believe you also need to include the subnet (the number in an IP address after the /).

Try it first without and then if it doesn’t work put the subnet on the ip addresses in the PBR box.

Here’s a website to help explain as well as an IP Calculator:

https://serverfault.com/questions/49765/how-does-ipv4-subnetting-work

http://jodies.de/ipcalc

[spuriousoffspring]

I know that it’s one IP Address per line.

I think the subnet is needed if you want to include a range of IP Addresses.

[flakie]

[spuriousoffspring]

Did you reboot router after setting up PBR?

Do you have a kill switch configured on your VPN?

Those are the two I would try first.

Also, what VPN Provider do you have?

[flakie]

Yes I have rebooted the router.
Result is the same
Not sure about a kill switch but i do not think i have one. Did not know it was possible in dd-wrt.
I am using IPVanish.

Without PBR all clients use the vpn and work very well. Am achieving good vpn speeds of 50 Mbps on a 100 Mbps line.
As soon as I enter an ip in PBR that machine cannot browse the web but all other devices can and are going directly through the isp, not via the vpn (so that much is working).
Hope that makes sense.

[flakie]

all working now

The problem was having Shortcut Forwarding Engine enabled.

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=1092791&sid=4f746f007d7bda32309f8242013e004e

[spuriousoffspring]

Nice catch! I didn't know that SFE interferes with PBR. Now I do!

Hopefully this'll help someone else.

Glad you got it working

[Whatsmyip]

After hours of searching this post did the trick. Thank you so much to everyone who contributed. I tried everything and as soon as I deleted the firewall commands in command shell- I was able to tunnel via VPN only through the IP I set in PBR.

Now I want to know how I can reinstate a auto kill switch on the devices using a VPN?

I'm using Nord VPN and inputed the setup manually via their tutorial.

Thank you so much

[spuriousoffspring]