Menu
What's new
By:
Filters Better Search

No route through Tunnel Dual Wan

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

X

xchris72

New Around Here
Hi,
i installed yesterday :384.15_beta1 and configured VPN to NordVpn servers but i'm having problems routing traffic to the tunnel i describe the setup.

2 ISP : 192.168.8.1 /24 192.168.9.1/24

Dual Wan in Load balance (wan2 is on lan1).
Routing rules for all the lan.
192.168.77.16/28 all WAN 2
192.168.77.32/27 all WAN 1
192.168.77.64/26 all WAN 1
192.168.77.128/25 all WAN 1

only client between 192.168.77.1 - 192.168.77.15 have dual wan connection.
All the other on WAN1 or WAN2

Now...
i configured an OpenVpn with ovpn config files (standard)

If i route all traffic through VPN... it doesn't work. VPN connected, but traffic goes through WAN1 or WAN2
If i route specific network segments... it's the same. Traffic is not routed through the tunnel.


Any idea?
Thank you
 
Last edited:
xchris72 said:
Hi,
i installed yesterday :384.15_beta1 and configured VPN to NordVpn servers but i'm having problems routing traffic to the tunnel i describe the setup.

2 ISP : 192.168.8.1 /24 192.168.9.1/24

Dual Wan in Load balance (wan2 is on lan1).
Routing rules for all the lan.
192.168.77.16/28 all WAN 2
192.168.77.32/27 all WAN 1
192.168.77.64/26 all WAN 1
192.168.77.128/25 all WAN 1

only client between 192.168.77.1 - 192.168.77.15 have dual wan connection.
All the other on WAN1 or WAN2

Now...
i configured an OpenVpn with ovpn config files (standard)

If i route all traffic through VPN... it doesn't work. VPN connected, but traffic goes through WAN1 or WAN2
If i route specific network segments... it's the same. Traffic is not routed through the tunnel.


Any idea?
Thank you
Click to expand...
This should still work - VPN rules not working when Dual-WAN configured
 
Last edited:
And I would also recommend upgrading to the RMerlin 384.15_0 release too. :)
 
I installed the beta just yesterday o_O
( i did the update this morning)


Thank you for the link... i didn't know it was already reported.
Thank you
 
xchris72 said:
I installed the beta just yesterday o_O
( i did the update this morning)


Thank you for the link... i didn't know it was already reported.
Thank you
Click to expand...
The developer cannot test Dual-WAN, so my script 'hack' facilitates the use of the GUI and addresses the issue

i.e. Basically, the Dual-WAN Selective Routing RDPB rules will always have a higher priority than the VPN Client Selective Routing RPDB rules.

If you issue command
Code: 
ip rule
then you will see your VPN Client RPDB rules start at RPDB priority rule number '1010x' and the Dual-WAN RPDB rules start @100,200 and 400.

So my hack attempts to ensure that (rather than use priority '1010x') the VPN rules are crammed into the higher priority range 50-100.

You don't have to use my GUI hack, i.e. you could simply move the VPN rules to the more-appropriate priority, when say the openvpn-event 'vpnclientX-route-up' event is triggered ( see openvpn-event)
 
Ok thank you very much!
I tried this morning but with no luck.. but i had to keep the internet up for all the family so i could not investigate that much...

Martineau said:
i.e. Basically, the Dual-WAN Selective Routing RDPB rules will always have a higher priority than the VPN Client Selective Routing RPDB rules.
Click to expand...

This is a problem for me, as i have a rule for almost every ip in the lan...

However,
now i know where i have to work on!
Thank you very much


PS: The next step is to route 2 tunnels via different isp to a VPS, and to bond them on both sides.
 
xchris72 said:
This is a problem for me, as i have a rule for almost every ip in the lan...
Click to expand...
Then clearly you should be using CIDR notion to greatly reduce the number of physical rules by condensing contiguous IP ranges.
 
Martineau said:
Then clearly you should be using CIDR notion to greatly reduce the number of physical rules by condensing contiguous IP ranges.
Click to expand...

yes of course..
i mean that every ip is covered, so those Selective Routing RDPB rules have priority!

192.168.77.16/28 all WAN 2
192.168.77.32/27 all WAN 1
192.168.77.64/26 all WAN 1
192.168.77.128/25 all WAN 1

Only ips not "ruled" are first 16.. (because they have to go through load balancing)

Thank you
 
Last edited:
You must log in or register to reply here.

Similar threads

A
Questions about AiDisk (FTP) and remote access of USB HDD - Load balancing and CGNAT
Replies
1
Views
324
OzarkEdge
OzarkEdge
N
dual wan failover & vpn connection
Replies
5
Views
560
Tech9
Tech9
nothingness
RT-AC86U VPN Director Not Routing Through WAN
Replies
1
Views
608
nothingness
nothingness
A
ASUS Dual WAN Failover, Then Failback, Leaves Secondary LAN in "Hot Standby"
Replies
4
Views
602
Kingp1n
K
J
Correctly using VPN Director?
Replies
2
Views
541
jetpack42
J
Similar threads
Thread starter Title Forum Replies Date
M IPv6 and Router Advertisement adding route to delegated /56 via WAN interface Asuswrt-Merlin 0
B How to setup IPV6 static route for Docker IPVLAN Asuswrt-Merlin 0
CaptnDanLKW Simple Route Add Command Asuswrt-Merlin 9
L Openvpn internal error add route Asuswrt-Merlin 0
E Static route vs manually assigned IP around DHCP list? Asuswrt-Merlin 13
B IPv6 static route Asuswrt-Merlin 3
H Does VPN Director Use Routes or IPTables Rules To Route Clients Over a VPN Connection? Asuswrt-Merlin 5
H Can VPN Director Route Guest Wifi Network Traffic Over VPN Connection? Asuswrt-Merlin 0
J How to route domain from server side lan via remote ovpn client Asuswrt-Merlin 6
B Static VPN route in ASUS RT-AC87u with firmware 384.13_10 Asuswrt-Merlin 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 745 (members: 23, guests: 722)
Top