0

At home I use a VPN and to share it with other devices I use the computer which connects to the VPN as access point for a second LAN, but I don't want all the traffic be routed through the VPN: I want to be able to choose whether to use plain internet or the VPN, so I have the following setting:

  • My router is connected to my ISP and, on the local side, creates a LAN on the private addresses 10.10.10.* and it is the gateway with address 10.10.10.10 for the LAN
  • My pc (which runs ubuntu and has local address 10.10.10.100) is connected to the router via wifi and it is connected to my VPN provider
  • The same pc has a wifi dongle which is configured to be the access point for another LAN on the addresses 192.168.23.* (and the pc is the gateway for this LAN with address 192.168.23.1)

This way I have two LANs: one which connects directly to the internet (10.10.10.* ) and another which connects through the VPN (192.168.23.* ).

Also, I have another PC which is a DLNA server for the 10.10.10.* LAN and a smarttv which connects to the VPN.

Summing up:

  • 10.10.10.10: main router
  • 10.10.10.23: pc1 with a DLNA server
  • 10.10.10.100: wlan0 on pc2, connected to VPN
  • 192.168.23.1: wlan1 on pc2
  • 192.168.23.10: smarttv

To manage the traffic on pc2 I use this rule:

iptables -t nat -A POSTROUTING -s 192.168.23.0/24 -o wlan0 -j MASQUERADE

and the routing rules are

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.175.1.5      0.0.0.0         UG    0      0        0 tun0
10.10.10.0      *               255.255.255.0   U     9      0        0 wlan0
10.175.1.1      10.175.1.5      255.255.255.255 UGH   0      0        0 tun0
10.175.1.5      *               255.255.255.255 UH    0      0        0 tun0
h88-150-252-230 10.10.10.10     255.255.255.255 UGH   0      0        0 wlan0
192.168.23.0    *               255.255.255.0   U     0      0        0 wlan1

Everything works fine.

Namely, from my smarttv (and any other device connected on the 192.168.23.*) I see the internet through the VPN whereas devices connected to the router get plain access to the internet.

The problem is that the tv doesn't see the DLNA server and the question is: is it possible to set it up in such a way that the tv can reach the DLNA server?

Improve this question
4
  • You need to make routing to the10.10.10.1 from 192.168.23.1 in your routing configuration on router
    – Eko Junaidi Salam
    Commented Apr 6, 2015 at 13:38
  • How do I do this? I am not practical in defining routes.
    – brad
    Commented Apr 6, 2015 at 16:46
  • What is your router model ?
    – Eko Junaidi Salam
    Commented Apr 6, 2015 at 20:09
  • It is a Netgear DGN 1000
    – brad
    Commented Apr 6, 2015 at 21:11

1 Answer 1

Reset to default
0

You must create a static route to the configuration. Select Advanced > Static Route

The Destination IP Address and IP Subnet Mask fields specify that this static route applies to all 10.10.10.0 subnet mask 255.255.255.0 addresses.

The Gateway IP Address field specifies that all traffic for these addresses are to be forwarded to the LAN at 192.168.23.1.

The value in the Metric field represents the number of routers your network and the destination.

This should 0 from your routing table

.

The Private check box is selected only as a precautionary security measure in case RIP is activated

Please read this documentation in Configure Static Routes Section to add static route. Hope this help you out.

Improve this answer
16
  • I tried Dest IP Addr 10.10.10.0, mask 255.255.255.0, Gateway IP 192.168.23.1, Metric 2, but when I apply it I get an "Unknown error" box
    – brad
    Commented Apr 6, 2015 at 22:11
  • Please try to change Metric = 0, same as your routing table... if error still occured, please tell me.
    – Eko Junaidi Salam
    Commented Apr 6, 2015 at 23:55
  • With Metric=0 I get an error which says that metric should be in the interval 2-15
    – brad
    Commented Apr 7, 2015 at 8:05
  • 1
    Sorry, I am not able to insert messages in the chat: the system keep saying that I need to be logged in. Maybe I have not enough reputation
    – brad
    Commented Apr 7, 2015 at 11:06
  • 1
    At the end, I discovered that the settings Dest IP Addr 192.168.23.0, mask 255.255.255.0, Gateway IP 10.10.10.100, Metric 2 do the job: the two subnets see each other (at least, with VPN turned off) so I can ssh from one pc in a subnet to another in the other one. Nonetheless, I discovered also that I can't see the DLNA server because UPNP works only in the same subnet: to have it work accross subnets I need a UPNP proxy. But even using one, in my case I am not lucky, since I use minidlna which, I discovered, has a bug preventing him to work accross subnets. Thanks for your help.
    – brad
    Commented Apr 17, 2015 at 15:45

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .