VPN routing setup help requested.

Discussion in 'Tomato Firmware' started by Wizardknight, Nov 22, 2018.

  1. Wizardknight

    Wizardknight Serious Server Member

    I am running freshtomato 2018.4 on a R6300v2
    I have windscribe as a VPN provider.
    I am able to setup the VPN client in FreshTomato without any issues for access by the whole subnet.
    However when I enter the routing policy tab for the client I am unable change which clients are able to access the VPN.

    I have tried entering a single IP like 192.168.15.83 and a range like 192.168.15.64/26 or 192.168.15.0/25 (one at a time).
    However when I go to a device, regardless of the IP, I am seeing the traffic routed over the VPN.

    I have also tried rebooting the router after I put the VPN routing policy in place with no change.

    Am I misunderstanding the purpose of the routing policy tab in the VPN client?
    [​IMG]

    Trace routes are almost identical inside and outside the /26, and I am also seeing exactly what I would expect from data going over the VPN.

    Traceroute from 192.168.15.36 (outside of subnet for VPN)

    Code:
    1     1 ms    <1 ms    <1 ms  dd-wrt [192.168.15.1]
      2    31 ms    30 ms    30 ms  10.114.34.1
      3    31 ms    32 ms    34 ms  66.133.74.97
      4    50 ms    33 ms    32 ms  38.140.133.177
      5    33 ms    33 ms    34 ms  be2681.ccr21.sfo01.atlas.cogentco.com [154.54.5.233]
      6    32 ms    31 ms    55 ms  be3669.ccr41.sjc03.atlas.cogentco.com [154.54.43.10]
      7    33 ms    32 ms    31 ms  4.68.110.137
      8     *        *      100 ms  ae-2-3601.ear3.NewYork1.Level3.net [4.69.150.206]
      9   102 ms   101 ms   102 ms  YAHOO-INC.ear3.NewYork1.Level3.net [4.15.212.174]
     10   108 ms   107 ms   111 ms  UNKNOWN-216-115-104-X.yahoo.com [216.115.104.75]
     11   106 ms   109 ms   107 ms  UNKNOWN-74-6-227-X.yahoo.com [74.6.227.143]
     12   124 ms   114 ms   109 ms  et-19-0-0.clr1-a-gdc.bf1.yahoo.com [74.6.122.33]
     13   107 ms   109 ms   116 ms  eth-17-3.bas2-1-flk.bf1.yahoo.com [98.139.128.71]
     14   109 ms   130 ms   107 ms  media-router-fp2.prod1.media.vip.bf1.yahoo.com [72.30.35.10]
    Traceroute from 192.168.15.166 (inside of subnet for VPN)
    Code:
    
      1    <1 ms    <1 ms    <1 ms  dd-wrt [192.168.15.1]
      2    30 ms    30 ms    31 ms  10.114.34.1
      3    33 ms    70 ms    34 ms  66.133.74.97
      4    32 ms    31 ms    32 ms  38.140.133.177
      5    31 ms    32 ms    33 ms  be2681.ccr21.sfo01.atlas.cogentco.com [154.54.5.233]
      6    33 ms    33 ms    32 ms  be3669.ccr41.sjc03.atlas.cogentco.com [154.54.43.10]
      7    35 ms    32 ms    33 ms  4.68.110.137
      8     *      260 ms   100 ms  ae-2-3601.ear3.NewYork1.Level3.net [4.69.150.206]
      9   102 ms   100 ms   108 ms  YAHOO-INC.ear3.NewYork1.Level3.net [4.15.212.174]
     10   108 ms   108 ms   107 ms  UNKNOWN-216-115-104-X.yahoo.com [216.115.104.75]
     11   106 ms   112 ms   110 ms  UNKNOWN-74-6-227-X.yahoo.com [74.6.227.143]
     12   109 ms   108 ms   109 ms  et-19-0-0.clr1-a-gdc.bf1.yahoo.com [74.6.122.33]
     13   110 ms   117 ms   108 ms  eth-17-3.bas2-1-flk.bf1.yahoo.com [98.139.128.71]
     14   110 ms   107 ms   108 ms  media-router-fp2.prod1.media.vip.bf1.yahoo.com [72.30.35.10]
    
    Thanks for your suggestions.
     
    Last edited: Nov 24, 2018
  2. Wizardknight

    Wizardknight Serious Server Member

    Update. A fix was provided by pedro311.
    Posting here in case anyone else is having this issue and finds this thread.
    Go to the advanced tab under the client. Uncheck Redirect Internet traffic.
    This will show two hidden boxes.
    Put a check in Ignore Redirect Gateway.

    Works for me now. :)
     
    Last edited: Nov 28, 2018
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice