VPN Client + Remote Tunnel

rlsrlf2013
DD-WRT Novice


Joined: 19 May 2022
Posts: 11

Posted: Fri May 20, 2022 2:37
All of the policy based routing info I can find is related to OpenVPN and not WireGuard. I get that I may be thinking of that backwards. Either way I have not been able to get the OpenVPN client to be separate from the WireGuard server in relation to WAN IP address.
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 9157

Posted: Fri May 20, 2022 5:48
rlsrlf2013 wrote:
All of the policy based routing info I can find is related to OpenVPN and not WireGuard. I get that I may be thinking of that backwards. Either way I have not been able to get the OpenVPN client to be separate from the WireGuard server in relation to WAN IP address.


The OpenVPN guide and documentation links in the Advanced forum explain everything you need to know. You just have to use the Advanced options on the OpenVPN client to selectively route. And if you want to route the entire WLAN/LAN (but NOT the router itself), just create a rule for 192.168.1.0/24 (assuming that's your local network). At that point, the WireGuard server should become accessible since the router itself is no longer bound to the OpenVPN client.

_________________
ddwrt-ovpn-split-basic.sh (UPDATED!) * ddwrt-ovpn-split-advanced.sh (UPDATED!) * ddwrt-ovpn-client-killswitch.sh * ddwrt-ovpn-client-watchdog.sh * ddwrt-ovpn-remote-access.sh * ddwrt-ovpn-client-backup.sh * ddwrt-mount-usb-drives.sh * ddwrt-blacklist-domains.sh * ddwrt-wol-port-forward.sh * ddwrt-dns-monitor.sh (NEW!)
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12838
Location: Netherlands

Posted: Fri May 20, 2022 6:28
@eibgrad already pointed you to the right answer.

You can use Policy Based routing.
As one of the Policy Based routing solutions (besides what @eibgrad already described) you can choose Source Based Routing > Route selected Sources via the WAN and then enter the local port of the WG server e.g.:
Code:
sport 51820

This will selectively route only that port via the WAN and everything else will still go through the VPN tunnel.

I think even this can do the trick which will fetch the value of the local port:
Code:
sport $(nvram get oet1_port)


I will move this thread to the Advanced Networking forum.

I am traveling so I will have only occasional internet.

_________________
Routers: Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3, XR300: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read): https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
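
Added example, not part of the posts above and not DD-WRT's own code: a shell check that reads `ip rule show` output and reports which routing table a given source port (such as the WireGuard listen port) is steered to. It assumes the `sport` entry ends up as an `ip rule`; the function name, the sample rules and their table numbers are constructed for illustration.

```shell
#!/bin/sh
# Which routing table does traffic with a given source port use?
# Reads `ip rule show` output on stdin.
# Assumption: the PBR entry "sport <port>" is installed as an ip rule.

# Constructed sample output (priorities and table ids are illustrative,
# not DD-WRT's actual values).
SAMPLE_RULES='0: from all lookup local
10: from all sport 51820 lookup main
20: from 192.168.1.0/24 lookup 10
32766: from all lookup main
32767: from all lookup default'

# sport_rule_table PORT
# Prints "<priority> <table>" for the matching rule with the lowest
# priority number; returns 1 if no rule selects that source port.
sport_rule_table() {
    awk -v port="$1" '
    {
        prio = $1; sub(/:$/, "", prio)
        table = ""; hit = 0
        for (i = 2; i <= NF; i++) {
            if ($i == "lookup") table = $(i + 1)
            if ($i == "sport") {
                # iproute2 prints a single port or a range "lo-hi"
                n = split($(i + 1), r, "-")
                lo = r[1] + 0
                hi = (n == 2 ? r[2] : r[1]) + 0
                if (port + 0 >= lo && port + 0 <= hi) hit = 1
            }
        }
        if (hit && table != "" && (best == "" || prio + 0 < best + 0)) {
            best = prio; best_table = table
        }
    }
    END {
        if (best == "") exit 1
        print best, best_table
    }'
}

# On the router: ip rule show | sport_rule_table "$(nvram get oet1_port)"
printf '%s\n' "$SAMPLE_RULES" | sport_rule_table 51820
```

If the function returns 1 for the WireGuard port, no source-port rule is installed, and replies from the server follow the same route as all other router traffic.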
rlsrlf2013
DD-WRT Novice


Joined: 19 May 2022
Posts: 11

Posted: Sat May 21, 2022 19:23
Reading these last couple of posts and also the advanced guide pdf, this is what I assume I am supposed to do? When I go to "canyouseeme.org" with VPN client enabled it shows the spoofed WAN IP and I cannot remotely access my LAN. When I disable the client, remote access works again. I also tried "Route selected sources via WAN" with only the code: sport 51820. 51820 is indeed the port that WireGuard is using.