pat.ibulaire
Occasional Visitor
Hello everybody,
- I have my Asus/Merlin router running vpnclient1 (tap11), which connects to an external VPN server
- All internet traffic is routed through this VPN client by default when it is running
- I have my Asus/Merlin router running vpnserver1 (tap21), which listens on some WAN port
- When vpnclient1 is not running, I can connect from outside to the Asus/Merlin vpnserver1 successfully
- When vpnclient1 is running, I cannot connect to the Asus/Merlin vpnserver1; I guess the packets from vpnserver1 are routed through the vpnclient and then the connection cannot succeed
I have managed to selectively route some of my LAN clients (192.168.2.253) to bypass vpnclient1 by adding these rules:
ip rule add from 192.168.2.253 dev br0 table 100
ip route add default table 100 via 192.168.0.1
ip route flush cache
I think vpnserver1 (tap21) has to bypass vpnclient1 to respond to a client connection request, but I can't manage to do it.
I hope someone can help. Thank you very much in advance.
Here are my settings:
WAN network:
gateway 192.168.0.1
netmask 255.255.255.0
LAN network:
gateway 192.168.2.1
netmask 255.255.255.255
Asus/Merlin router WAN IP: 192.168.0.10
vpnclient1 connects to 74.131.173.17:21000
Public IP assigned to the vpnclient is 74.131.169.132
Gateway "pushed" to the VPN client is 74.131.169.129
When vpnclient1 is not running, the command ip route list gives:
192.168.0.1 dev eth0 scope link
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.10
192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.1
127.0.0.0/8 dev lo scope link lo scope link
default via 192.168.0.1 dev eth0
When vpnclient1 is running, the command ip route list gives:
74.131.173.17 via 192.168.0.1 dev eth0
192.168.0.1 dev eth0 scope link
74.131.168.128/27 dev tap11 proto kernel scope link src 74.131.162.132
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.10
192.168.2.0/24 dev br0 proto kernel scope link src 192.168.2.1
127.0.0.0/8 dev lo scope link lo scope link
0.0.0.0/1 via 74.131.169.129 dev tap11
128.0.0.0/1 via 74.131.169.129 dev tap11
default via 192.168.0.1 dev eth0
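Added example, not part of the original post: a small Python model of the route lookup described above, built from the posted rule and the routing table shown with vpnclient1 running. It shows that 0.0.0.0/1 and 128.0.0.0/1 are more specific than the default route, so a reply originated by the router leaves via tap11 unless a source rule sends it to table 100. The address 203.0.113.7 is a constructed stand-in for an outside client, and the model covers only prefix matching and source rules.

```python
import ipaddress

# Main table as posted with vpnclient1 running: (prefix, gateway, device)
MAIN = [
    ("74.131.173.17/32", "192.168.0.1", "eth0"),
    ("192.168.0.1/32", None, "eth0"),
    ("74.131.168.128/27", None, "tap11"),
    ("192.168.0.0/24", None, "eth0"),
    ("192.168.2.0/24", None, "br0"),
    ("127.0.0.0/8", None, "lo"),
    ("0.0.0.0/1", "74.131.169.129", "tap11"),
    ("128.0.0.0/1", "74.131.169.129", "tap11"),
    ("0.0.0.0/0", "192.168.0.1", "eth0"),  # "default" written as a prefix
]
# Table 100 and the rule from the post:
#   ip rule add from 192.168.2.253 dev br0 table 100
TABLES = {"main": MAIN, "100": [("0.0.0.0/0", "192.168.0.1", "eth0")]}
RULES = [("192.168.2.253/32", "br0", "100")]  # (source prefix, input iface, table)


def longest_match(table, dst):
    """Return (gateway, device) of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, gw, dev in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, gw, dev)
    return None if best is None else best[1:]


def route(src, dst, iif=None, rules=RULES):
    """Apply source rules in order, then fall back to the main table."""
    for prefix, rule_iif, table in rules:
        in_prefix = ipaddress.ip_address(src) in ipaddress.ip_network(prefix)
        if in_prefix and rule_iif in (None, iif):
            hit = longest_match(TABLES[table], dst)
            if hit:
                return hit
    return longest_match(MAIN, dst)


if __name__ == "__main__":
    client = "203.0.113.7"  # constructed address for an outside VPN client
    print("router reply    ->", route("192.168.0.10", client))
    print("LAN bypass host ->", route("192.168.2.253", client, iif="br0"))
    print("VPN endpoint    ->", route("192.168.0.10", "74.131.173.17"))
```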