Excluding one device from VPN

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
strategic flashlight
DD-WRT Novice


Joined: 25 Sep 2019
Posts: 9
PostPosted: Wed Sep 25, 2019 16:35    Post subject: Excluding one device from VPN Reply with quote
Currently I have my router (Netgear R7000) set up to act as an OpenVPN client for all connections. It is working fine. However, I would like my TV to bypass the VPN.

I gave my TV a static local address of 192.168.1.222. I attempted to used the "Policy based Routing" field (on Services > VPN in the web UI) to configure which devices use the VPN. My understanding is that if this field is set, it should be an inclusive list of local IPs that will use the VPN, while any machines not in the list will not use VPN. So I made some ranges that would include every 192.168.1.* address except the TV:

Code:

192.168.1.0/25
192.168.1.128/26
192.168.1.224/27
192.168.1.192/28
192.168.1.208/29
192.168.1.216/30
192.168.1.220/31
192.168.1.223/32


This did not work as expected. After I applied the change, my desktop (192.168.1.101) stopped going through the VPN and connected directly to my ISP instead. Where did I go wrong?
Back to top View user's profile Send private message
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12915
Location: Netherlands
PostPosted: Wed Sep 25, 2019 18:32    Post subject: Reply with quote
You can not add your routers IP address in the PBR field.

You have to exclude your routers IP address and your TV's IP address with the help of CIDR notation: https://www.ipaddressguide.com/cidr

A lot of work is currently being done on PBR and with the latest build you can have the router on PBR so with the latest build (41135) you should also be good (I think Smile )

After done setting up reboot (old rules are not deleted until reboot at the moment)

If not report back and show output of:
ip route show
ip route show table 10
ip rule show
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Back to top View user's profile Send private message
strategic flashlight
DD-WRT Novice


Joined: 25 Sep 2019
Posts: 9
PostPosted: Thu Sep 26, 2019 8:18    Post subject: Reply with quote
Thanks! Works great after I altered the list to not cover 192.168.1.1. I decided to skip the math this time and just used 254 /32 entries lol.
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum