[SOLVED] Route selected destinations via VPN

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
uvz123a
DD-WRT User


Joined: 01 May 2023
Posts: 51
PostPosted: Sat Dec 30, 2023 21:26    Post subject: [SOLVED] Route selected destinations via VPN Reply with quote
Router Model: Netgear R6300V2
Firmware Version: DD-WRT v3.0-r54475 std (12/07/23)
Kernel Version: Linux 4.4.302-st46 #10645 SMP Wed Dec 6 08:59:01 +06 2023 armv7l

The "Route selected destinations via VPN" option does not seem to work - all traffic goes through the WG tunnel.

If the "Route selected destinations via WAN" is selected, then IPs in the PBR are skipped from the VPN tunnel.

Does anybody have any idea what is wrong? Or is the option "Route selected destinations via VPN" just not working?

Last edited by uvz123a on Sun Dec 31, 2023 20:19; edited 1 time in total
Back to top View user's profile Send private message
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12923
Location: Netherlands
PostPosted: Sat Dec 30, 2023 22:00    Post subject: Reply with quote
I am not quite following you.

You chose route selected destinations via the VPN and now you are complaining that it actually is routed via the VPN Shocked

Wireguard guides are a sticky in this forum.
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top View user's profile Send private message
uvz123a
DD-WRT User


Joined: 01 May 2023
Posts: 51
PostPosted: Sat Dec 30, 2023 22:29    Post subject: Reply with quote
egc wrote:
You chose route selected destinations via the VPN and now you are complaining that it actually is routed via the VPN Shocked

I think you did not read my comment.
I said that all traffic is routed through VPN, not only IPs that are listed in PBR (if using Route selected destinations via VPN).
"Route selected destinations via WAN" works as expected - the listed IP addresses do not go through the VPN.

In PBR I put only IP addresses 188.144.96.3, 8.8.0.0/16 and "Route selected destinations via VPN" option is used.
If I traceroute any other IP from my PC (in my case google.com, but it could be any address that is different from PBR), it also goes through VPN. But it should not. This option is not working or am I missing something?

I just want for some destination IPs that go through the VPN, but not all the traffic.

Last edited by uvz123a on Sun Dec 31, 2023 1:16; edited 1 time in total
Back to top View user's profile Send private message
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 6872
Location: Romerike, Norway
PostPosted: Sat Dec 30, 2023 23:25    Post subject: Reply with quote
You have Allowed IPs 0.0.0.0\0. That is all destinations.

PBR should contain the addresses on the LAN for those Who will use the VPN, not public addresses on the Internet.
Back to top View user's profile Send private message
bushant
DD-WRT Guru


Joined: 18 Nov 2015
Posts: 2038
PostPosted: Sun Dec 31, 2023 0:26    Post subject: Reply with quote
You have selected "Route all sources via VPN"

This means EVERYTHING goes over VPN from all devices.

To then add "Route selected Destinations via VPN" is merely redundant.
_________________
Forum Guide Lines (with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips!)
How to get help the right way
Before asking for help - Read the forum guidelines AND Upgrade DD-WRT!
Adblock by eibgrad (1.1M blocked) + Blocklist Collection

Back to top View user's profile Send private message
uvz123a
DD-WRT User


Joined: 01 May 2023
Posts: 51
PostPosted: Sun Dec 31, 2023 1:14    Post subject: Reply with quote
bushant wrote:
To then add "Route selected Destinations via VPN" is merely redundant.

You are probably right. It is hard to understand all those settings and interdependence between them.

I think I solved my problem. Per Yngve Berg pointed to it, thanks.

Changes from my previous config in the upper screenshot:
⦁ Destination Routing is set to default route
⦁ At Allowed IPs I have listed destination IPs that I want to go through VPN tunnel

If the destination IP is listed, then traffic goes through VPN, otherwise it goes directly through WAN. After a few minutes of testing it looks like that it is working like I want.

I am using a service that is country specific (eg. Netflix). I don't need that all traffic goes through tunnel, only traffic for that service.
Back to top View user's profile Send private message
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12923
Location: Netherlands
PostPosted: Sun Dec 31, 2023 7:43    Post subject: Reply with quote
You could have simply set the Source Routing to `Route Selected Sources via the VPN`, from the guide:

Quote:
Route Selected sources via VPN:
This is the classic PBR where everything entered in the PBR box will be route via the VPN, everything else is routed via the WAN.


The default setting is route everything (all sources) via the VPN.

To be sure you understand, you then just leave the `Source for PBR` box empty as you do not want any sources via the VPN.
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top View user's profile Send private message
uvz123a
DD-WRT User


Joined: 01 May 2023
Posts: 51
PostPosted: Sun Dec 31, 2023 20:17    Post subject: Reply with quote
egc wrote:
To be sure you understand, you then just leave the `Source for PBR` box empty as you do not want any sources via the VPN.

Thank you very much for the explanation. This now works as desired.
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum