Timeline for OpenWRT: Forward traffic to non private IP address space through VPN
Current License: CC BY-SA 3.0
8 events
when | what | by | license | comment | |
---|---|---|---|---|---|
Feb 24, 2014 at 12:27 | comment | added | Marcks Thomas | @jelhan: With some trickery, OpenVPN creates a default route via 'anon-43-130.vpn.ipredator.se' on tun1337. All destinations not matching a specific route are forwarded over VPN. '46.246.43.130 on br-wan' is one such route (you use the regular internet connection to contact the VPN server itself), as is 192.168.178.0/24. You can add more if you don't want to use VPN for specific IPs. | |
Feb 24, 2014 at 10:00 | comment | added | jelhan | Working now fine also with option masq 1 so I could configure all in UCI. Thank you very much. One last question, just for interest: On which rule does the vpn router now decide which package should be passed through VPN? | |
Feb 24, 2014 at 9:57 | vote | accept | jelhan | ||
Feb 23, 2014 at 15:50 | comment | added | Marcks Thomas | @jelhan: As MariusMatutiae's answer reminded me, I missed the part where the machines on 192.168.178.0/24 need to reply via the OpenWrt router. I've expanded my answer with a few recommendations. | |
Feb 23, 2014 at 15:48 | history | edited | Marcks Thomas | CC BY-SA 3.0 | Expanded answer to allow responses from 192.168.178.0/24 |
Feb 23, 2014 at 14:08 | comment | added | jelhan | I updated the question with output of iptables -L --verbose . It is in state without applying your suggestion. Hope that helps. | |
Feb 23, 2014 at 13:51 | comment | added | jelhan | I applied the config forwarding from lan to wan in my /etc/config/firewall. Afterwards iptables -L are showing similar rules to what you posted for wan. But the local network on 192.168.178.0/24 (local network with OpenWRT Router as a client) is still not reachable from 192.168.1.0/24 (local network behind OpenWRT router). Do you have any idea? | |
Feb 22, 2014 at 21:43 | history | answered | Marcks Thomas | CC BY-SA 3.0 |