OpenVPN Client + Server WRT1200AC

bifi2090
DD-WRT Novice


Joined: 11 Oct 2016
Posts: 4

Posted: Mon Jul 02, 2018 10:58    Post subject: OpenVPN Client + Server WRT1200AC
I'm running Build: DD-WRT v3.0-r36168 std (06/20/18) on my Linksys WRT1200AC.
I have both the OpenVPN client (AirVPN) and the OpenVPN server (own) running successfully.
I connect exclusively via the OVPN server with my router and can then access all the machines in my home network.
If I activate the OpenVPN client, I can continue to access the router itself (policy based routing), but can't reach my PC in the LAN via RDP (the PC is routed through the client tunnel).
How can I access my PCs in the home network via RDP when the OVPN client + server are activated?

My iptables rules (I use only these for accessing the OpenVPN server):

iptables -I INPUT 1 -p udp --dport 5086 -j ACCEPT
iptables -t nat -A POSTROUTING -s 192.168.2.0/29 -j MASQUERADE

OpenVPN client config:

management 127.0.0.1 16
management-log-cache 100
verb 3
mute 3
syslog
writepid /var/run/openvpncl.pid
client
resolv-retry infinite
nobind
persist-key
persist-tun
script-security 2
dev tun1
proto tcp4-client
cipher aes-256-cbc
auth sha1
remote ***.***.***.*** 443
comp-lzo yes
redirect-private def1
route-noexec
tls-client
tun-mtu 1500
mtu-disc yes
ns-cert-type server
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
ca /jffs/etc/bin/OVPN_Client_Certs/ca.crt
cert /jffs/etc/bin/OVPN_Client_Certs/client.crt
key /jffs/etc/bin/OVPN_Client_Certs/client.key
tls-auth /jffs/etc/bin/OVPN_Client_Certs/ta.key 1

OpenVPN server config:

keepalive 10 120
verb 3
mute 3
syslog
writepid /var/run/openvpnd.pid
management 127.0.0.1 14
management-log-cache 100
topology subnet
script-security 2
port 5086
proto udp4
cipher aes-256-cbc
auth sha256
client-connect /tmp/openvpn/clcon.sh
client-disconnect /tmp/openvpn/cldiscon.sh
client-config-dir /jffs/etc/openvpn/ccd
comp-lzo no
tls-server
ifconfig-pool-persist /tmp/openvpn/ip-pool 86400
client-to-client
push "redirect-gateway def1"
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA256
fast-io
tun-mtu 1500
mtu-disc yes
server 192.168.2.0 255.255.255.248
dev tun2
ca /jffs/etc/bin/OVPN_Server_Certs/ca.crt
cert /jffs/etc/bin/OVPN_Server_Certs/server.crt
key /jffs/etc/bin/OVPN_Server_Certs/server.key
dh /jffs/etc/bin/OVPN_Server_Certs/dh4096.pem
tls-auth /jffs/etc/bin/OVPN_Server_Certs/tlsauth.key 0


There are no further ports forwarded, because I come exclusively via the VPN server tunnel into my home network and that's working fine. I only need a solution to RDP through the OVPN server into a machine on my local network which is routed through the OVPN client (AirVPN).

Please help me someone.
popoviciri
DD-WRT Novice


Joined: 27 May 2017
Posts: 12

Posted: Tue Jul 03, 2018 11:29
Try Eibgrad's table10 workaround. Just dump the code from the link below (all of it) in your startup scripts and restart the router.
Code from here: https://pastebin.com/YwnHLqaa
More info here: http://svn.dd-wrt.com/ticket/5690
I have absolutely no firewall rules set and everything works as expected. Connected from my phone to the home network, I have access to all my home devices (including a Pi-hole filtering ads) and exit through the Mullvad tunnel.
I doubt you need anything else but the killswitch in your firewall.
Make sure the router IP is not in PBR. You might want to comment out the debug line in the script above, otherwise it will flood your logs (if you have those enabled). I tried to change the MAX_PASS variable to 5, but after a while table 10 gets back to WAN only. So now I just let it run every minute.
Hope this helps!
cheers

WRT1900ACSv1: 36247
OpenVPN server and client (with PBR), samba, entware (from esata ssd), static leases, access restriction etc..
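
Added example (not eibgrad's pastebin script and not code from either poster): a sketch of the idea behind the "table 10" workaround, assuming DD-WRT's policy based routing sends the listed source IPs to routing table 10 and that this table lacks the route to the OpenVPN server subnet (192.168.2.0/29 on tun2), so RDP replies from the PC leave through the client tunnel. The function names, the `--apply` switch and the sample routing tables are constructed for illustration.

```shell
#!/bin/sh
# Assumption: policy based routing uses routing table 10 (the table named in the reply).
PBR_TABLE=10

# Constructed sample output of "ip route show table main" and "... table 10".
# 192.168.2.0/29 on tun2 is the server subnet from the first post; the rest is made up.
MAIN_SAMPLE='default via 203.0.113.1 dev eth0
203.0.113.0/24 dev eth0 proto kernel scope link src 203.0.113.20
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1
192.168.2.0/29 dev tun2 proto kernel scope link src 192.168.2.1
10.4.0.0/16 dev tun1 proto kernel scope link src 10.4.0.12'
PBR_SAMPLE='default via 10.4.0.1 dev tun1
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1'

# missing_routes MAIN_ROUTES PBR_ROUTES
# Prints each non-default route of the main table whose destination is absent
# from the PBR table. The default route is skipped on purpose: the PBR table
# must keep its own default via the client tunnel.
missing_routes() {
    printf '%s\n' "$1" | while read -r dest rest; do
        [ -z "$dest" ] && continue
        [ "$dest" = "default" ] && continue
        if ! printf '%s\n' "$2" |
             awk -v d="$dest" '$1 == d { f = 1 } END { exit !f }'; then
            echo "$dest $rest"
        fi
    done
}

# sync_table: copy the missing routes into the live PBR table.
# Needs root and the ip tool on the router.
sync_table() {
    missing_routes "$(ip route show table main)" \
                   "$(ip route show table "$PBR_TABLE")" |
    while read -r route; do
        # $route is left unquoted so it splits into separate ip arguments.
        ip route add $route table "$PBR_TABLE"
    done
}

# Touch the real routing tables only when asked to; otherwise just define the functions.
if [ "${1:-}" = "--apply" ]; then
    sync_table
fi
```

Running `missing_routes "$MAIN_SAMPLE" "$PBR_SAMPLE"` lists the three routes, the tun2 server subnet among them, that the sample table 10 would still need.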
bifi2090
DD-WRT Novice


Joined: 11 Oct 2016
Posts: 4

Posted: Thu Jul 05, 2018 5:51
Oh man, that was very helpful. This was what I needed. I was searching for over a year for a solution. Now all works fine. Thank you very much, you saved my day.