Dual VPN, client and server on same router

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

ceephis

New Around Here
OK all you routing geniuses

I have a RT-AC68R running the newest Merlin Firmware, and I am half way to my dream setup
I currently have a OPEN VPN server running amazing well and my phones can easily access all my files and network resources.
I also have a Proton VPN instance set up on my Router which connects well to open VPN and redirects all my traffic out.

The only issue i am experiencing is that both of these VPN options can not exist at the same time.

I was hoping to encrypt my traffic to my home (from remote) and then also use a VPN to encrypt all outbound traffic as well

Can you help me with this? AM I doing anything wrong?

Thanks for your wisdom and insight.

I found this sight, but it may be a little over my head, and it seems untested. but it may help us in problem solving this

Thanks again all
 

chongnt

Senior Member
OK all you routing geniuses

I have a RT-AC68R running the newest Merlin Firmware, and I am half way to my dream setup
I currently have a OPEN VPN server running amazing well and my phones can easily access all my files and network resources.
I also have a Proton VPN instance set up on my Router which connects well to open VPN and redirects all my traffic out.

The only issue i am experiencing is that both of these VPN options can not exist at the same time.

I was hoping to encrypt my traffic to my home (from remote) and then also use a VPN to encrypt all outbound traffic as well

Can you help me with this? AM I doing anything wrong?

Thanks for your wisdom and insight.

I found this sight, but it may be a little over my head, and it seems untested. but it may help us in problem solving this

Thanks again all
Do you mean remote device dial back to router via it's VPN server, then has local LAN access and at the same time have internet access via router's VPN Client to your VPN provider? It is possible. I have been doing this with x3mRouting. With current Merlin release, it is much easier by making use of the VPN Director feature. Just add a new rule by select your VPN Client interface and in Local IP field enter the network configured in your VPN Server.
 

ceephis

New Around Here
Do you mean remote device dial back to router via it's VPN server, then has local LAN access and at the same time have internet access via router's VPN Client to your VPN provider? It is possible. I have been doing this with x3mRouting. With current Merlin release, it is much easier by making use of the VPN Director feature. Just add a new rule by select your VPN Client interface and in Local IP field enter the network configured in your VPN Server.
From what I understand this is exactly what I am trying to do. HOwever I am not necessary sure how to do it. Would you have a screenshot or some sort of walk through you could share

Thanks for your wisdom and quick reply
 

ceephis

New Around Here
This is my current setup and when the VPN client is turned on on my router my phone simply says waiting for server. But the second I turn it off my phone can connect to my routers VPN server
 

Attachments

  • Router.JPG
    Router.JPG
    85.8 KB · Views: 47

ceephis

New Around Here
Thanks

I tried the steps above but to no avail.
Am I doing what your post Suggested?

Thanks again for your feedback and fast reply
 

eibgrad

Very Senior Member
The problem is that you still have "Yes(all)" specified for "Redirect Internet traffic through tunnel" on the OpenVPN client. It needs to be "VPN Director (policy rules)". Then your rule needs to force 10.0.0.0/24 (10.0.0.1/24 is NOT a valid IP/network) (I assume 10.0.0.x is your local network) over the VPN. That will keep the router itself OFF the OpenVPN client, making its OpenVPN server accessible over the WAN.
 

ceephis

New Around Here
The problem is that you still have "Yes(all)" specified for "Redirect Internet traffic through tunnel" on the OpenVPN client. It needs to be "VPN Director (policy rules)". Then your rule needs to force 10.0.0.0/24 (10.0.0.1/24 is NOT a valid IP/network) (I assume 10.0.0.x is your local network) over the VPN. That will keep the router itself OFF the OpenVPN client, making its OpenVPN server accessible over the WAN.
Thank you again for your quick reply

I am trying to figure out how to change it from yess all to Policy rules

Is there a walk through for this or do I need to make a new VPN connection?

Thanks
 

ceephis

New Around Here
It's an option/setting on the OpenVPN client GUI (Network Settings sub-section).
Thank you so much for pointing that out and for all the help

Things are working perfectly.

You guys rock.

My dreams are a reality

What are your thoughts on adding TOR to this setup as well? Would it add extra ananimity or security? is it even doable with my setup?

Thanks again for your wisdom
 

eibgrad

Very Senior Member
I don't use TOR all that much anymore. IMO, it's just too slow to be practical for day to day usage. It has also been criticized in recent years quite a bit for not offering as much anonymity as it originally claimed, esp. due to the fact that exit nodes can't necessarily be trusted. I suppose if you run your VPN through the TOR network (which I seem to recall trying a few years ago), that helps further your anonymity. But again, I find TOR so slow that it's only practical for very specific situations, like a dissident who's willing to accept the abysmal performance in exchange for the less likely possibility of being discovered. But for the average person, it's hard to imagine someone using it on a daily basis for normal operations.

JMTC
 

chongnt

Senior Member
Thank you so much for pointing that out and for all the help

Things are working perfectly.

You guys rock.

My dreams are a reality

What are your thoughts on adding TOR to this setup as well? Would it add extra ananimity or security? is it even doable with my setup?

Thanks again for your wisdom
That's great! By the way, welcome to the forum.
I don't use TOR so not able to comment on that.
 

ceephis

New Around Here
I don't use TOR all that much anymore. IMO, it's just too slow to be practical for day to day usage. It has also been criticized in recent years quite a bit for not offering as much anonymity as it originally claimed, esp. due to the fact that exit nodes can't necessarily be trusted. I suppose if you run your VPN through the TOR network (which I seem to recall trying a few years ago), that helps further your anonymity. But again, I find TOR so slow that it's only practical for very specific situations, like a dissident who's willing to accept the abysmal performance in exchange for the less likely possibility of being discovered. But for the average person, it's hard to imagine someone using it on a daily basis for normal operations.

JMTC
Thanks so much for you wisdom on this. Yeah I'd rather not slow everything down for almost no benefit. Thanks again for all your help and wisdom in this matter have a great day
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top