Hi!
I'm trying to setup merlin to route traffic over the VPN if the destination IP matches. I followed the instructions located here...
http://serverfault.com/questions/38...-hosts-route-through-openvpn-client-on-tomato
-specifically-
1) Created openvpn configs...was able to successfully connect to the vpn server and route all traffic over it.
2a) Uncheck "Create NAT on Tunnel" In VPN Tunneling/Client/Advanced
2b) Uncheck "Redirect Internet Traffic"
2c) added "route-nopull" to the "custom configuration" section.
3) In the shell, executed the following
~~
iptables -I FORWARD -i br0 -o tun11 -j ACCEPT
iptables -I FORWARD -i tun11 -o br0 -j ACCEPT
iptables -I INPUT -i tun11 -j REJECT
iptables -t nat -A POSTROUTING -o tun11 -j MASQUERADE
~~
4) In the shell, executed the following...
~~
ip route flush table 200
ip route flush cache
ip rule add from 192.168.1.11 lookup 200
VPN_GW=`ifconfig tun11 | awk '/inet addr/ {split ($2,A,":"); print A[2]}'`
ip route add table 200 default via $VPN_GW dev tun11
~~
I replaced 192.168.1.11 with my destination IP I wanted to route over the vpn link.
Unfortunately, it just times out when trying to access the URL with a web browser. Traceroute just dies on the first hop.
It seems easy enough, but I was hoping somebody can suggest what I'm doing wrong with this.
Thanks!
I'm trying to setup merlin to route traffic over the VPN if the destination IP matches. I followed the instructions located here...
http://serverfault.com/questions/38...-hosts-route-through-openvpn-client-on-tomato
-specifically-
1) Created openvpn configs...was able to successfully connect to the vpn server and route all traffic over it.
2a) Uncheck "Create NAT on Tunnel" In VPN Tunneling/Client/Advanced
2b) Uncheck "Redirect Internet Traffic"
2c) added "route-nopull" to the "custom configuration" section.
3) In the shell, executed the following
~~
iptables -I FORWARD -i br0 -o tun11 -j ACCEPT
iptables -I FORWARD -i tun11 -o br0 -j ACCEPT
iptables -I INPUT -i tun11 -j REJECT
iptables -t nat -A POSTROUTING -o tun11 -j MASQUERADE
~~
4) In the shell, executed the following...
~~
ip route flush table 200
ip route flush cache
ip rule add from 192.168.1.11 lookup 200
VPN_GW=`ifconfig tun11 | awk '/inet addr/ {split ($2,A,":"); print A[2]}'`
ip route add table 200 default via $VPN_GW dev tun11
~~
I replaced 192.168.1.11 with my destination IP I wanted to route over the vpn link.
Unfortunately, it just times out when trying to access the URL with a web browser. Traceroute just dies on the first hop.
It seems easy enough, but I was hoping somebody can suggest what I'm doing wrong with this.
Thanks!