1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

ASUS rt56u, merlin 384.6 - routing to vpn only based on destination address

Discussion in 'Asuswrt-Merlin' started by Chris Pazz, Sep 24, 2019.

  1. Chris Pazz

    Chris Pazz New Around Here

    Joined:
    Sep 24, 2019
    Messages:
    1
    Hi,
    I have an Asus rt56u with latest merlin.

    I have configured an OpenVPN client for my vpn provider (nordvpn).
    I have 2 clients on network that are using a specific service connecting to an external destination address (for eg. 100.100.100.100) and I need to route only those specific connection via VPN (with killswitch enabled).

    First one is a Fire TV Stick and second one is a single Docker container running in my Synology NAS (host mode).

    Both of them do not have to be routed fully via vpn. The NAS is used also for serving some services (web, ecc..) so cannot be all via VPN, The fire TV Stick has some services that, if routed, raise geo licensing problems.

    How can I set up routing policies so that all connection works the same via WAN but the connection from those 2 clients to 100.100.100.100 go via VPN?

    I have tried to insert a single policy rule:

    0.0.0.0 as source, 100.100.100.100 as destination -> VPN

    but it seems to route all my network thru VPN. Also setting up the 2 lan clients IP as source address seems not to take care of destination address causing all network from them to be routed via VPN.

    I can also evaluate other solutions if there is any way to install on my synology NAS a vpn gateway or something similar (via docker).

    Thank you
    Chris