heredago's blog

September 17, 2013

how to connect to a VPN server on a TomatoUSB router and then only tunnel the traffic to specific hosts

Filed under: Uncategorized — heredago @ 20:48

1- set up openvpn connection on the router

https://www.privateinternetaccess.com/pages/client-support/#tomato_openvpn

https://www.privateinternetaccess.com/forum/index.php?p=/discussion/110/updated-tomato-setup-for-newer-branches-including-tomatousb

 

then

2- only tunnel specific hosts route through openvpn client on tomato

http://serverfault.com/questions/382498/howto-only-tunnel-specific-hosts-route-through-openvpn-client-on-tomato

I finally did it 🙂

I’m using v1.28.9054 MIPSR2-beta K26 USB vpn3.6, but should work on others, as it’s networking.

OpenVPN wants to set up all your routing, you’ve got to stop that…

In VPN Tunneling/Client/Basic: Uncheck “Create NAT on Tunnel”

In VPN Tunneling/Client/Advanced: Uncheck “Redirect Internet Traffic”

Custom Configuration, add the line: route-nopull

 

In Administration/Scripts/Firewall, make sure you have:

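# Allow forwarding between the LAN bridge (br0) and the VPN tunnel (tun11)
iptables -I FORWARD -i br0 -o tun11 -j ACCEPT
iptables -I FORWARD -i tun11 -o br0 -j ACCEPT
# Reject connections from the tunnel to the router itself
iptables -I INPUT -i tun11 -j REJECT
# NAT LAN traffic leaving through the tunnel
iptables -t nat -A POSTROUTING -o tun11 -j MASQUERADE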

Reboot, and voilà, you got nothing…

Then, in a VPN up script (Best choice), or if you have your VPN start with WAN, put in your Administration/Scripts/WANUP

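# Give the VPN client time to bring tun11 up
sleep 30
# Start from an empty table 200 and drop cached routes
ip route flush table 200
ip route flush cache
# Hosts whose traffic should use the tunnel
ip rule add from 192.168.1.11 lookup 200
ip rule add from 192.168.1.13 lookup 200
# Address assigned to tun11, taken from ifconfig's "inet addr:" field
VPN_GW=`ifconfig tun11 | awk '/inet addr/ {split ($2,A,":"); print A[2]}'`
# Default route for table 200 through the tunnel
ip route add table 200 default via $VPN_GW dev tun11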

This probably isn’t the “best” or “proper” way to do it, but it works. Now only 192.168.1.11 and 192.168.2.13 will go through the OpenVPN tunnel. All other devices, and their traffic, will go local.

This was extremely important for me, as I didn’t want my Transmission torrent traffic going over the VPN. Some guy like SgtPepperKSU is looking at this and probably laughing… Anyway, from one Routing noob to another…
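Added example, not part of the original post or the quoted ServerFault answer: a small audit script that checks the state the scripts above are meant to produce, including the case where table 200 is empty and the pinned hosts silently fall back to the WAN. The function names are hypothetical, and it assumes the usual iproute2 output format of `ip rule show` and `ip route show table 200`.

```sh
#!/bin/sh
# Added example: audit the policy routing the scripts above set up.
HOSTS="192.168.1.11 192.168.1.13"   # pinned hosts, from the WAN-up script
TABLE=200                           # routing table used by the post
TUN=tun11                           # OpenVPN client interface used by the post

# host_pinned RULES HOST: succeed if an "ip rule show" line sends HOST to $TABLE.
host_pinned() {
    printf '%s\n' "$1" | awk -v h="$2" -v t="$TABLE" '
        $2 == "from" && $3 == h && $4 == "lookup" && $5 == t { ok = 1 }
        END { exit !ok }'
}

# table_default_ok ROUTES: succeed if the table has a default route out of $TUN.
table_default_ok() {
    printf '%s\n' "$1" | awk -v d="$TUN" '
        $1 == "default" { for (i = 2; i < NF; i++) if ($i == "dev" && $(i + 1) == d) ok = 1 }
        END { exit !ok }'
}

# audit RULES ROUTES: print one line per finding; return 0 only if nothing is wrong.
audit() {
    bad=0
    for h in $HOSTS; do
        if host_pinned "$1" "$h"; then
            echo "ok    $h -> table $TABLE"
        else
            echo "FAIL  $h has no rule for table $TABLE (uses the WAN)"; bad=1
        fi
    done
    if table_default_ok "$2"; then
        echo "ok    table $TABLE default via $TUN"
    else
        # An empty table does not block traffic: lookup continues in "main".
        echo "FAIL  table $TABLE has no default via $TUN (pinned hosts use the WAN)"; bad=1
    fi
    return $bad
}

# Run against the live router only when asked: sh audit.sh live
if [ "${1:-}" = "live" ]; then
    audit "$(ip rule show)" "$(ip route show table "$TABLE")"
fi
```

Run it after the WAN-up script has finished and again with the VPN client stopped; the second run shows whether the pinned hosts would leave through the WAN while the tunnel is down.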
