Quick question regarding DNSmasq, expressVPN had me set this already to
Should I have this to interface=tun2 which is my serverTUN you helped me create?
Also this may help someone else, but I struggled a moment ago to add my expressVPN connection to my android app, I kept getting a "fragmentation not supported" error, I looked at the oVPN FAQ and this is not supported so I removed it from the import file and bang works perfect!
You did not miss anything.
But when using an OVPN server and client on the same router you have to use Policy based routing on the OVPN client.
Otherwise traffic goes in through the WAN and is routed out through the vpn client and the firewall will not do that.
For policy based routing enter the IP addresses of the clients you want to route via the VPN client in the PBR field of the client; use CIDR notation and do not include the router itself.
The ddwrt PBR implementation has some flaws; if you run into that then see my signature for a better implementation.
If you have your android client connected to your OVPN server you can have it use your outbound vpn client by adding the IPs of the OVPN server to the PBR field.
I.e. add 10.8.0.2 to the PBR field.
In the next iteration of the guide I will dedicate a chapter to this kind of setup.
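As an added example (not part of the original posts and not DD-WRT code), this Python check applies the two rules from the reply above to a PBR field: entries must be in CIDR notation, and no entry may cover the router itself. The router address 192.168.1.1, the sample entries other than 10.8.0.2, and the one-entry-per-line format are assumptions made for the illustration.

```python
import ipaddress

def check_pbr_field(field_text, router_ip):
    """Split a PBR field into usable networks and a list of problems.

    Assumes one entry per line (any whitespace separates entries).
    """
    router = ipaddress.ip_address(router_ip)
    usable, problems = [], []
    for entry in field_text.split():
        try:
            iface = ipaddress.ip_interface(entry)
        except ValueError:
            problems.append(f"{entry}: not a valid address or CIDR block")
            continue
        net = iface.network
        if "/" not in entry:
            # A bare address is read as a single host.
            problems.append(f"{entry}: no prefix length, read as {net}")
        elif iface.ip != net.network_address:
            # e.g. 192.168.1.70/26 really selects 192.168.1.64-127.
            problems.append(f"{entry}: host bits set, covers all of {net}")
        if router in net:
            # Routing the router's own traffic (DNS included) into the
            # tunnel is what the reply warns against, so drop the entry.
            problems.append(f"{entry}: includes the router {router}, rejected")
            continue
        usable.append(net)
    return usable, problems

def routed_via_vpn(src_ip, usable):
    """True if traffic from src_ip would match one of the usable entries."""
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for net in usable)

# Constructed sample field; only 10.8.0.2 comes from the thread.
SAMPLE_FIELD = """10.8.0.2
192.168.1.0/24
192.168.1.70/26
10.8.0.300/32"""
ROUTER_IP = "192.168.1.1"  # assumed router LAN address

if __name__ == "__main__":
    nets, issues = check_pbr_field(SAMPLE_FIELD, ROUTER_IP)
    print("usable:", [str(n) for n in nets])
    for line in issues:
        print("problem:", line)
```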
Okay tried that, in fact the IP you suggested was my "virtual IP" so I added this in PBR of WRT-clientVPN, and brill I can connect with both the client/server running together.
However I cannot hit my CCTV in the 192.168.49.x in this scenario.
So I tried adding that IP address as another separate line in PBR, no joy.
I tried /32 each one also to no avail.
I have had a read of your script again, and credit to you, it looks great, but I was struggling with it somewhat, though I am sure it is what I want as I have a push access controller here that also needs to go out and loopback via the WAN from Google's push servers, but that is another story; at the moment I am not sure what I am missing ref the issue above?
"The problem is that you access your OpenVPN server via the WAN, and if you also have an OpenVPN client running, the return traffic will go out via the VPN client and your firewall will not allow that."
I never thought about that when trying to set up both an OVPN client and server. Thank you
_________________
Netgear R9000 X10
DD-WRT v3.0-r44467 std (09/24/20)
DNSMasq, SmartDNS, Local DNS
IPv4 & IPv6 (Prefix Delegation)
QoS: HTB w/CAKE & ACK, SYN, FIN & RST
Static Leases & DHCP
2.4GHz: 10 + 6 (2457 MHz HT40), ACK Timing 0
5GHz: 100 + 106 (5500 MHz VHT80), ACK Timing 0
Well, I had that wrong (as I'm sure anyone who knows this new notation figured out. :))
A couple of hints to those reading this thread. First, make da*n sure you back up your configuration before messing with routing tables. My PBR sent DNS requests out the VPN and I lost the ability to contact the router! Reset the router and restored my backup and I'm back in business.