Disable some clients on VPN

didario

Occasional Visitor
Hey.
On the Asus RT-N66U router I connect to a VPN server (the router acts as an OpenVPN client).
All traffic is allowed through the VPN.
Is it possible, and how, to exclude a client connected to the router from this traffic?
What I mean by this is:
2-4 clients connected through the VPN,
1-2 clients without the VPN.

I attach a picture
 

Dual Gateway

Sabai Technology offers routers with custom software that allows you to connect a client either directly to the Internet or through a VPN based on the client's MAC address.

Software is also available for a few select routers without purchasing hardware from Sabai.

In either case you can't go wrong as Sabai's tech support is second to none.
 
This is probably doable through iptables and routing tables, however that's fairly advanced stuff there.
 
This is probably doable through iptables and routing tables, however that's fairly advanced stuff there.

It is beyond my skills :)
I hope that it will be easier once a stable dual WAN version comes out :)

EDIT:
I found the solution... I think.
I'm not sure it will work - it is for the Tomato firmware.
@RMerlin - what do you think?
My network has a range XX.XXX.X.50 ... 62,
VPN - 50-55,
WAN - 56-63.
What should I change in the script?
solution:
1. Allow openvpn to start on boot
2. Create an ip range that you would like to bypass vpn
3. Create a separate routing table 4 to be used by the predefined ip ranges

That's it!

So do the following:

1. Setup your vpn account and check that you can connect and everything works as expected.
2. On the router's webpage go to Administration > Scripts > Init (Tab)
3. Copy and paste the code below
----
# Start Vpn client1 assuming that your vpn settings are entered under client1
service vpnclient1 start
ping -c4 localhost

# Clean up by flushing table 4 and the route cache
ip route flush table 4
ip route flush cache

# Create backup of default route table
ip route show table main > /root/route.isp

# Add rules for all DHCP routes (10.1.1.100 -> 10.1.1.255)
ip rule add from 10.1.1.100/30 lookup 4
ip rule add from 10.1.1.104/29 lookup 4
ip rule add from 10.1.1.112/28 lookup 4
ip rule add from 10.1.1.128/25 lookup 4

# Flush route cache
ip route flush cache

# Use original (pre-openvpn) route for table 4
cat /root/route.isp | while read ROUTE; do ip route add table 4 $ROUTE; done
----

4. Hit the save button (This saves the init script into nvram)
5. Reboot your router and you're all done!

To test that all went well do the following:

1. Logon to the router from your browser
2. Go to Tools > System
3. Type
----
ip route show table 4
----
and hit execute. You should see a routing table that excludes your openvpn entries
4. Now type
----
ip route show table main
----
and hit execute. You should see a routing table that includes your openvpn entries

You're done!
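
The script above hard-codes the CIDR blocks for 10.1.1.100-255, so a different bypass range (such as the .56-.63 range asked about) needs its own aligned blocks. The following is an added example, not part of the original post: a POSIX sh helper that splits a last-octet range into CIDR blocks and prints the matching `ip rule` lines. The function names and the 192.168.1 network prefix are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): split a last-octet range inside one
# /24 into aligned CIDR blocks, the way the posted script splits
# 10.1.1.100-255 into a /30, /29, /28 and /25.

# range_to_cidrs NET START END -> one CIDR per line
# NET is the first three octets (e.g. 192.168.1); START/END are last octets.
range_to_cidrs() {
    net=$1 start=$2 end=$3
    while [ "$start" -le "$end" ]; do
        size=1 bits=32
        # Double the block while it stays aligned on START and inside the range.
        while [ $((start % (size * 2))) -eq 0 ] &&
              [ $((start + size * 2 - 1)) -le "$end" ]; do
            size=$((size * 2))
            bits=$((bits - 1))
        done
        echo "$net.$start/$bits"
        start=$((start + size))
    done
}

# bypass_rules NET START END [TABLE] -> "ip rule" lines for the init script.
# TABLE defaults to 4, the table number used in the posted script.
bypass_rules() {
    table=${4:-4}
    range_to_cidrs "$1" "$2" "$3" | while read -r cidr; do
        echo "ip rule add from $cidr lookup $table"
    done
}

# Constructed sample: hosts .56-.63 bypass the VPN (192.168.1 is a placeholder).
bypass_rules 192.168.1 56 63
# The thread's own DHCP range, for comparison with the posted script.
bypass_rules 10.1.1 100 255
```

The rules match on source address, so the bypassing clients need fixed addresses (static or DHCP reservations) inside the chosen range.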
 
Old thread, but since I have the same issue I'd like to know if anybody tried this - and was successful. Other working solutions would be fine as well.

Thanks
DerRobinson
 
