RT66N - Tomato - Allow only specific IP(s) through OpenVPN

Discussion in 'Tomato Firmware' started by fearz, Jul 10, 2012.

  1. fearz

    fearz Serious Server Member


    I'm using OpenVPN to connect through strongVPN; when it starts, all connected devices use the strongVPN IP. I want to have only 1 device connecting through OpenVPN, with all other devices remaining connected with the real router IP...

    Can someone more experienced in scripting or with iptables let me know how to do so?

    Thanks a lot
  2. shadowken

    shadowken Networkin' Nut Member

    OpenVPN wants to set up all your routing, you've got to stop that...

    In VPN Tunneling/Client/Basic:
    Uncheck "Create NAT on Tunnel"

    In VPN Tunneling/Client/Advanced:
    Uncheck "Redirect Internet Traffic"
    Custom Configuration, add the line: route-nopull

    In Administration/Scripts/Firewall, make sure you have:

    iptables -I FORWARD -i br0 -o tun11 -j ACCEPT
    iptables -I FORWARD -i tun11 -o br0 -j ACCEPT
    iptables -I INPUT -i tun11 -j REJECT
    iptables -t nat -A POSTROUTING -o tun11 -j MASQUERADE

    Then, in a VPN up script (Best choice), or if you have your VPN start with WAN, put in your Administration/Scripts/WANUP :

    sleep 30
    ip route flush table 200
    ip route flush cache
    ip rule add from lookup 200
    ip rule add from lookup 200
    VPN_GW=`ifconfig tun11 | awk '/inet addr/ {split ($2,A,":"); print A[2]}'`
    ip route add table 200 default via $VPN_GW dev tun11
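
Added example, not part of shadowken's post: a POSIX shell version of the VPN-up step that validates its inputs and prints the `ip rule` / `ip route` commands for only the chosen devices. The device address 192.168.1.50, the sample `ifconfig` output and the function names are assumptions; the post's `ip rule add from` lines show no source address.

```shell
#!/bin/sh
# Added example (not from the thread): build the policy-routing commands for
# selected LAN devices. Commands are printed; pipe them to sh to apply them.

TABLE=200   # routing table number used in the post
TUN=tun11   # tunnel interface used in the post

# Read net-tools style ifconfig output on stdin and print the IPv4 address
# ("inet addr:10.8.0.6 ..."), the same parse as the post's awk line.
tun_addr() {
    awk '/inet addr/ { split($2, a, ":"); print a[2]; exit }'
}

# Succeed only for a dotted-quad IPv4 address with every octet in 0-255.
valid_ip() {
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# gen_rules GATEWAY IP...: print the commands that route only the listed
# source addresses through the tunnel. On bad input: print nothing, return 1.
gen_rules() {
    gw=$1; shift
    valid_ip "$gw" || { echo "no usable address on $TUN" >&2; return 1; }
    [ $# -gt 0 ] || { echo "no device addresses given" >&2; return 1; }
    for ip in "$@"; do
        valid_ip "$ip" || { echo "bad device address: $ip" >&2; return 1; }
    done
    echo "ip route flush table $TABLE"
    for ip in "$@"; do
        # Delete first so re-running the script does not stack duplicate rules.
        echo "ip rule del from $ip lookup $TABLE 2>/dev/null"
        echo "ip rule add from $ip lookup $TABLE"
    done
    echo "ip route add table $TABLE default via $gw dev $TUN"
    echo "ip route flush cache"
}

# Constructed sample of `ifconfig tun11` output (not captured from a router).
SAMPLE='tun11     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00
          inet addr:10.8.0.6  P-t-P:10.8.0.5  Mask:255.255.255.255'

# Demo with a constructed device address. On the router this would be:
#   gen_rules "$(ifconfig tun11 | tun_addr)" 192.168.1.50 | sh
gen_rules "$(echo "$SAMPLE" | tun_addr)" 192.168.1.50
```

If `tun11` has no address yet, `gen_rules` returns 1 and emits nothing instead of a malformed `ip route add`. With table 200 left empty, the rule for the selected device falls through to the main table, so that device goes out over the WAN with the real router IP until the route is added.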
  3. subz3ro

    subz3ro Networkin' Nut Member

    How can I write a VPN up script for PPTP?