How to Bypass VPN Tunnel on Stock R7800


Thang

Occasional Visitor
In the control panel of the Netgear X4S R7800 there is a PureVPN VPN client entry, and I plan to use it. But how can I bypass the VPN for 1 specific device when connecting to the VPN/router? If anyone knows how to solve this problem, please help me, because in the country where I live, ISPs' international bandwidth restriction is very common. Thanks so much again!
P.S.: Sorry if the content is difficult to understand because I used Google Translate.


R. Gerrits

Senior Member

It is only possible if you can SSH or telnet into the router.

If so, then create a script (for instance bypassvpn.sh) and make it executable.
Edit the script and put these contents in it:
Code:
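#!/bin/sh

# Register routing table 213 as "novpn" unless the name or the number is already in use.
[ "$(grep -c "novpn$" /etc/iproute2/rt_tables)" -eq "0" ] && [ "$(grep -c "^213" /etc/iproute2/rt_tables)" -eq "0" ] && echo "213 novpn" >> /etc/iproute2/rt_tables
ip route flush table novpn
ip route flush cache

# Copy every route from the main table that does not use the VPN tunnel (tun21) into novpn.
ip route show table main | grep -vE "tun21" | while read -r route; do
  if ! ip route show table novpn | grep -qF "$route"; then
    # $route is left unquoted on purpose so it splits into separate arguments.
    ip route add $route table novpn
  fi
done

# To have an IP address bypass the VPN:
[ "$(ip rule list | grep -c "192.168.1.4 lookup novpn")" = "0" ] && ip rule add from 192.168.1.4 table novpn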
(Replace 192.168.1.4 with the IP address that you want to bypass the VPN (in both places); add more lines if you want more IP addresses to bypass it.)

After you have started the VPN, execute the script and confirm that the IP address is indeed bypassing it (for instance via https://www.whatsmyip.org).

If it is working, then you somehow need to change the VPN startup script, so that this bypassvpn.sh is executed once the VPN tunnel is up. I don't have access to stock FW, but I suspect that is in /etc/init.d/openvpn-client.

My assumption is that on stock FW, too, the VPN client tunnel interface is tun21, so you might want to verify that (once the VPN is up, run ip route show and look for dev tun).
If it has a different name, then change it in the script as well.
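
The reply above assumes the tunnel is tun21 and asks the reader to verify it. As an added example (not part of the original post and not tested on stock firmware), the sketch below detects the tunnel name from the routing table instead of hardcoding it and refuses to change anything when no tunnel is up. The function names, the sample output and the interface names brwan and br0 are assumptions made for illustration.

```sh
#!/bin/sh
# Constructed sample of `ip route show` output (interface names are assumptions).
SAMPLE_ROUTES='0.0.0.0/1 via 10.8.0.1 dev tun21
default via 203.0.113.1 dev brwan
10.8.0.0/24 dev tun21 proto kernel scope link src 10.8.0.6
128.0.0.0/1 via 10.8.0.1 dev tun21
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1'
# Constructed sample of `ip rule list` output.
SAMPLE_RULES='0: from all lookup local
32765: from 192.168.1.4 lookup novpn
32766: from all lookup main'

# Read `ip route show` output on stdin; print the first tunN interface found.
detect_tun_iface() {
  sed -n 's/.* dev \(tun[0-9][0-9]*\).*/\1/p' | head -n 1
}

# Read routes on stdin; print those that do not leave through interface $1.
# The match is anchored so that tun21 does not also exclude tun210.
routes_outside_tunnel() {
  grep -vE " dev $1( |\$)"
}

# Read `ip rule list` output on stdin; succeed if source $1 already uses table $2.
has_bypass_rule() {
  grep -qF "from $1 lookup $2"
}

# Hypothetical wrapper for the router: apply_bypass 192.168.1.4 (run as root, VPN up).
apply_bypass() {
  tun=$(ip route show | detect_tun_iface)
  if [ -z "$tun" ]; then
    echo "no tun interface in routing table; is the VPN up?" >&2
    return 1
  fi
  grep -q "novpn$" /etc/iproute2/rt_tables || echo "213 novpn" >> /etc/iproute2/rt_tables
  ip route flush table novpn
  ip route show table main | routes_outside_tunnel "$tun" | while read -r route; do
    ip route add $route table novpn   # unquoted on purpose: one argument per word
  done
  ip rule list | has_bypass_rule "$1" novpn || ip rule add from "$1" table novpn
  ip route flush cache
}
```

The three parsing helpers only read text on stdin, so they can be checked against saved `ip` output before apply_bypass is run on the router.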