What's new

Custom firmware build for R9000

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I have camera's that I do not want to go over the VPN and in the documentation regarding "Bypassing OpenVPN client tunnel", I had to do the following to get it to work.

The script in the docs add the route:
Code:
/usr/sbin/ip route add table 200 default via $WAN_GWAY dev brwan

However, when I look at all gateway variables:
Code:
root@MyAwesomeVoxelRouter:~$ config show | grep "gateway"
bridge_dhcp_gateway=0.0.0.0
bridge_gateway=0.0.0.0
extender_gateway=0.0.0.0
wan_dhcp_gateway=22.22.22.1
ap_dhcp_gateway=0.0.0.0
lan_gateway=0.0.0.0
wan_gateway=10.0.0.1
ap_gateway=0.0.0.0

... 10.0.0.1 doesn't exist for "wan_gateway", and when ./ovpnclient-up.sh runs, it would not update the table and just errors out with a "netmask 000000ff" error.

The fix was to make 2 changes. Change the WAN_GWAY var, and well as adding "metric 100" to the route:

/etc/openvpn/ovpnclient-up.sh:
Code:
#!/bin/sh

/sbin/ledcontrol -n power -c green -s on

# Don't forget to reserve the list of IPs for exclusion devices on the DHCP server
# Edit the following IP list to bypass the VPN. Seperate individual IP's using a single space between them.

NO_VPN_LST="192.168.1.xx 192.168.1.xx 192.168.1.xx"
WAN_GWAY=`nvram get wan_dhcp_gateway`
for excludeip in $NO_VPN_LST; do
   /usr/sbin/ip rule add from $excludeip table 200
done
/usr/sbin/ip route add table 200 default via $WAN_GWAY dev brwan metric 100
/usr/sbin/ip route flush cache
exit 0

Anyways, it may or may not help others... helped me!
 
Last edited:
I have camera's that I do not want to go over the VPN and in the documentation regarding "Bypassing OpenVPN client tunnel", I had to do the following to get it to work.

The script in the docs add the route:
Code:
/usr/sbin/ip route add table 200 default via $WAN_GWAY dev brwan

However, when I look at all gateway variables:
Code:
root@MyAwesomeVoxelRouter:~$ config show | grep "gateway"
bridge_dhcp_gateway=0.0.0.0
bridge_gateway=0.0.0.0
extender_gateway=0.0.0.0
wan_dhcp_gateway=22.22.22.1
ap_dhcp_gateway=0.0.0.0
lan_gateway=0.0.0.0
wan_gateway=10.0.0.1
ap_gateway=0.0.0.0

... 10.0.0.1 doesn't exist for "wan_gateway", and when ./ovpnclient-up.sh runs, it would not update the table and just errors out with a "netmask 000000ff" error.

The fix was to make 2 changes. Change the WAN_GWAY var, and well as adding "metric 100" to the route:

/etc/openvpn/ovpnclient-up.sh:
Code:
#!/bin/sh

/sbin/ledcontrol -n power -c green -s on

# Don't forget to reserve the list of IPs for exclusion devices on the DHCP server
# Edit the following IP list to bypass the VPN. Seperate individual IP's using a single space between them.

NO_VPN_LST="192.168.1.xx 192.168.1.xx 192.168.1.xx"
WAN_GWAY=`nvram get wan_dhcp_gateway`
for excludeip in $NO_VPN_LST; do
   /usr/sbin/ip rule add from $excludeip table 200
done
/usr/sbin/ip route add table 200 default via $WAN_GWAY dev brwan metric 100
/usr/sbin/ip route flush cache
exit 0

Anyways, it may or may not help others... helped me!
I dont know what "documentation" you are refering to,
but have you read and tried this?:
https://www.snbforums.com/threads/voxel-vpn-connection-problem.50078/page-2#post-446788

(The internal gateway variables are not correct in eg AP mode)
 
I dont know what "documentation" you are refering to,

Voxel has replied numerous times with "Have you read my documentation?", "There's some really good docs here..", etc. So, his docs. Maybe I should had said "readme".


No, but I will. Thx!

I'm glad I didn't see that post, i've learned a lot about my router. :) (been reading everything I can on his various posts on the various forums)
 
Ah, this is how you are getting the true WAN_GWAY. Gonna read through it a bit more and make the change...

Code:
WAN_GWAY=`ip route | awk '/^default/{print $3}'`
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top