However any device connected to the XR300 does not go over the VPN it will always go directly to the internet from the gateway router. This is with ìSource Routing (PBR)î set to ìRoute all sources to VPNî, I also added the command ìredirect-gateway def1î In "Additional Config".
In Status > OpenVPN The State is showing as "Client: CONNECTED SUCCESS" , but looking at the log the router seems to to connect / disconnect the NordVPN.
I am not a network export and have tried to follow the guide but maybe I missed something.
Attached are screen shots of the configuration I am using.
Something wrong as its showing WAN as disabled in gateway mode. Check Ethernet cable.
ISP router LAN to xr300 WAN Port for gateway mode. _________________ Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.
No one can build you the bridge on which you, and only you, must cross the river of life!
It seems the bit I am strugling with is how to set up the XR300 as a cascaded router from the ISPs router. The VPN guides don't cover this.
I would like to have
- all devices on the XR300 sent ove the VPN only
- no need to connect directly to internet if VPN not there
- no need for devices from the XR300 LAN to connect with devices on the IPS router LAN
Can someone help a bit with the settings for that, please.
Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Mon Apr 25, 2022 11:26 Post subject:
Then reset to defaults and connect WAN from XR300 to LAN of the ISP router.
After reset make sure the XR300 has a different local IP address then the ISP router in the third octet, e.g. if your ISP router is 192.168.1.1 then set the XR300 as 192.168.2.1
Subnet /24
If you really want to stop XR300 clients viewing ISP clients add:
Code:
iptables -I FORWARD -d $(nvram get wan_ipaddr)/$(nvram get wan_netmask) -m state --state NEW -j REJECT
Joined: 08 May 2018 Posts: 14249 Location: Texas, USA
Posted: Mon Apr 25, 2022 14:50 Post subject:
Looks as if the original plan was to set the XR300 up as a Wired Access Point with a VPN client, which I believe has been discussed and documented as well... _________________ "Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT Pogo - A minimal level of ability is expected and needed... DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)
----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Looks as if the original plan was to set the XR300 up as a Wired Access Point with a VPN client, which I believe has been discussed and documented as well...
Yes the plan was / is to set the XR300 up as a Wired Access Point with a VPN client.
Alozaros wrote:
not sure why at Capture-setup-basicsetup.JPG WAN is disabled...
as well why you do specify local DNS in the local DNS box...
a normal client VPN on a Gateway router would've require
-WAN connection (ISP settings/static or dynamic or pppoe)
-and valid NTP time
is your router in a WAP mode.... ? than read carefully OpenVPN Client on a Wireless Access Point (WAP) section
as well show the advanced VPN config rules as some of those may not be needed...on the new builds...
if you follow and read the VPN guide, carefully... you should be up an running...
So I followed the settings listed (listed below) and left all other settings at thier factory default.
Thus the WAN connection type is left as « Automatic Configuration DHCP » but ignore WAN DNS is checked. And the Operating Mode in Advanced Routing is left as « Gateway »
In accordance with « DD-WRT OpenVPN Client Setup Guide with NordVPN » thread I added only the following commands in Additional Config