Posted: Fri Jun 21, 2019 16:30 Post subject: Route specific IP through VPN?
Hello,
Is it possible to route a specific IP's traffic through my VPN?
Thing is, I am under CG-NAT, and I want to access that device which is a camera NVR from outside.
Will it be possible to route all the traffic from that IP address through my VPN so that I can connect to my VPN's IP address and can access it from anywhere.
I am currently using Netgear R6400 with DD-WRT version "DD-WRT v3.0-r38580M kongac (02/05/19)".
Joined: 18 Mar 2014 Posts: 12917 Location: Netherlands
Posted: Fri Jun 21, 2019 18:18 Post subject:
With policy based routing you can set which ip address you want to route through the vpn client.
In the PBR field enter the ip address of your camera and then that will be routed through the vpn.
For port forwarding through the vpn ask your vpn provider.
If you also want to view your camera from the lan you have to use @Eibgrads script to copy local routes to the alternate routing table or my PBR solution, see my signature at the bottom of this post.
I assume you're running your own OpenVPN *server*.
A CGNAT network IP is typically NOT routable from the internet because it uses the *private* IP network of 100.64.0.0/10, which is the functional equivalent of trying to route to 192.168.x.x (not going to happen).
Unless you can convince your ISP to provide you w/ a routable public IP, then you don't have many options. You could use a commercial OpenVPN provider that supports port forwarding, so you can tunnel back into your home network. Or perhaps configure your own OpenVPN server on a VPS, connect your OpenVPN client at home to that server, and tunnel back into your home network. I know some ppl actually do this, because they have no other viable options.
I am running a PPTP VPN actually.
I don't want to run a VPN server on the router, I want one of my IP address to connect to the VPN.
I assume you're running your own OpenVPN *server*.
A CGNAT network IP is typically NOT routable from the internet because it uses the *private* IP network of 100.64.0.0/10, which is the functional equivalent of trying to route to 192.168.x.x (not going to happen).
Unless you can convince your ISP to provide you w/ a routable public IP, then you don't have many options. You could use a commercial OpenVPN provider that supports port forwarding, so you can tunnel back into your home network. Or perhaps configure your own OpenVPN server on a VPS, connect your OpenVPN client at home to that server, and tunnel back into your home network. I know some ppl actually do this, because they have no other viable options.
I am running a PPTP VPN actually.
I don't want to run a VPN server on the router, I want one of my IP address to connect to the VPN.
Then as @egc suggests, you need to use PBR (policy based routing). But unlike the OpenVPN client which supports PBR in the GUI, for PPTP, you'd have to implement your own PBR.
Also, this assumes your VPN provider supports port forwarding (some do, most don't).
Okay, thanks.
Yes, the VPS on which I have setup my VPN supports port forwarding.