Posted: Wed Mar 08, 2023 7:15 Post subject: Routing traffic through Synology OpenVPN connection
My Use case:
I've currently got OpenVPN running on an R7800 Router with all traffic routed through a VAP, allowing me to simply change WIFI on my Apple TV if I want to watch content that required me to be in another country - and it works great.
The Problem:
My R7800 only allows about 30MB/s through due to the CPU power on the router.
Proposed Solution:
I could use Wireguard which would allow faster throughput, however the end point on the other side (my brothers Synology) does not support Wireguard.
So what I was think is the following:
Enable a OpenVPN Client on my Synology to set up the connection, then do some magic in DD-WRT to route traffic from a certain VAP through to the Synology's VPN rather than the routers VPN.
This may help, how to run Wireguard on Synolgoy NAS in Docker.
https://youtu.be/Tf74tyE0YjQ _________________ Netgear R7800 PPPoE Main Router
Network IPV4 - Isolated Vlan's with IoT Devices. Unifi AC-Pro x 3 AP's, Router Wi-Fi Disabled. OVPN Server With Paid Commercial Wireguard Client's. Gateway Mode, DNSMasq, Static Leases & DHCP, Pi-Hole DNS & Running Unbound.
No one can build you the bridge on which you, and only you, must cross the river of life!
Thanks for that excellent video @foz111, I now have Wireguard running on my Synology. (I knew it was possible, but didnt think it was this easy)
Also, @egc, I have been able to set up a Wireguard tunnel with PBR on my R7800, and the throughput is better, around 130MB/s(ish) rather than 30MB/s. So A great improvement.
The next challenge is how to restrict access on the remote site.. (I know this isnt a Wireguard forum, but as some of you might have some experience in this, I'll ask anyway)..
I do not want to be able to access anything on the remote LAN, I only want to use their Internet connection.. How can we restrict access on the Wireguard connection?
The Remote Synology is running wg-easy in a docker container.