Menu
What's new
By:
Filters Better Search

OpenVPN - Is it possible for only specfic ports to use VPN?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Weggy

Weggy

Regular Contributor
Hi,

I've managed to setup my OpenVPN client settings so the specfic device I need connect to the internet via the VPN. However, what I would like to do is for that device to only use the VPN when using a specific port e.g. TCP 1080, UDP 6881.

Many Thanks for all help that might come my way :)
 
Weggy said:
However, what I would like to do is for that device to only use the VPN when using a specific port e.g. TCP 1080, UDP 6881.
Click to expand...

To ensure destination ports TCP 1080 and UDP 6881 from a specific LAN device are routed via say VPN Client 3, then ENABLE Selective Policy routing in the VPN Client 3 GUI, then create

/jffs/scripts/nat-start

Code: 
#!/bin/sh

sleep 10

VPN_ID=3                    # <-- Edit for appropriate VPN Client
DEVICE="172.16.1.1"         # <-- Edit for appropriate LAN Device(s) i.e. CSV format
DPORTS_TCP="1080"           # <-- Edit Destination TCP port(s) i.e. CSV format
DPORTS_UDP="6881"           # <-- Edit Destination UDP port(s) i.e. CSV format

# Create required RPDB fwmark routing rule.....
ip rule del fwmark 0x${VPN_ID}000/0x${VPN_ID}000 2> /dev/null
ip rule add fwmark 0x${VPN_ID}000/0x${VPN_ID}000 table 11${VPN_ID} prio 999${VPN_ID}
ip route flush cache

# Add specific destination TCP ports to be routed via the VPN Client
iptables -t mangle -D PREROUTING -i br0 --src $DEVICE -p tcp -m multiport --dport $DPORTS_TCP -j MARK --set-mark 0x${VPN_ID}000/0x${VPN_ID}000
iptables -t mangle -A PREROUTING -i br0 --src $DEVICE -p tcp -m multiport --dport $DPORTS_TCP -j MARK --set-mark 0x${VPN_ID}000/0x${VPN_ID}000

# Add specific destination UDP ports to be routed via the VPN Client
iptables -t mangle -D PREROUTING -i br0 --src $DEVICE -p udp -m multiport --dport $DPORTS_UDP -j MARK --set-mark 0x${VPN_ID}000/0x${VPN_ID}000
iptables -t mangle -A PREROUTING -i br0 --src $DEVICE -p udp -m multiport --dport $DPORTS_UDP -j MARK --set-mark 0x${VPN_ID}000/0x${VPN_ID}000
 
Last edited:
You must log in or register to reply here.

Similar threads

J
Correctly using VPN Director?
Replies
2
Views
564
jetpack42
J
G
VPN Client with Public IP, split tunnel web server over VPN and other traffic not on the VPN
Replies
4
Views
404
Grefyne
G
S
VPN blocking MMS text messages
Replies
8
Views
586
Piotrek
P
F
NordVPN with Asus 88XU Pro UDP connection bandwidth limit when using Geforce now
Replies
0
Views
308
flopeh
F
B
Firewall lan - vpn?
Replies
0
Views
277
blast
B
Similar threads
Thread starter Title Forum Replies Date
B Is it Possible to limit OpenVPN connect time? Asuswrt-Merlin 33
fsb Upgrading, possible to export OpenVPN settings? Asuswrt-Merlin 2
E OpenVPN TAP internet access problem Asuswrt-Merlin 0
M OpenVPN clients cannot connect to LAN computers. Asuswrt-Merlin 0
M OpenVPN / site to site with special security/routing constraints Asuswrt-Merlin 7
R OpenVPN keeps on turning itself off Asuswrt-Merlin 37
M Best router for wireguard or openVPN Asuswrt-Merlin 1
W OpenVPN Server set to LAN only allows browsing Asuswrt-Merlin 14
A Upgraded my ASUS, issues with NordVPN via OpenVPN Asuswrt-Merlin 4
G openvpn server: can not change/select data cipher Asuswrt-Merlin 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 946 (members: 28, guests: 918)
Top