What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Routing only traffic to specific IP through VPN?

Celico

New Around Here
Can I do this with the VPN Director? Using the .ovpn file to configure a VPN Client then setting it to VPN Director and choosing the Device there and setting remote IP to 123.45.678.0 for example?
Or do I need to configure this inside the .ovpn file?
 
Last edited:

Attachments

  • Screenshot 2024-12-01 at 19-51-56 ASUS Wireless Router RT-AC68U - VPN Director.png
    Screenshot 2024-12-01 at 19-51-56 ASUS Wireless Router RT-AC68U - VPN Director.png
    16.6 KB · Views: 44
So it's a logical AND between Local IP andRemote IP values in the VPN Director rules, right?

In other words:

If Local IP is empty, no traffic goes into the VPN tunnel

If Local IP is set to x.x.x.0/24 all wifi traffic from all (well, .0-.255) devices goes into the tunnel

If Local IP is set to a specific device's Static IP address, then all traffic from that device only uses the VPN tunnel

But if both Local IP (specific device) and Remote IP are set, then

'only send to Ifce X the traffic originating from the Device at Local IP trying to reach Remote IP'

If so, I could only route Netflix traffic into the VPN from an AppleTV, while all other apps on said AppleTV bypass the VPN.

Am I thinking right?

If so, would I have to create a thousand rules for each of Netflix's numerous IP addresses?

Thank you
 
Last edited:
If Local IP is empty, no traffic goes into the VPN tunnel
Empty translates to ALL. If Local IP (source) is empty it will apply to all sources (lan, guest nw, vpn clients, router itself et.c). Same for Remote IP (destinations).
If Local IP is lan_ip/24 it will only apply to your lan clients and none of the other.


If Local IP is set to a specific device's Static IP address, then all traffic from that device only uses the VPN tunnel
Well, only those covered by Remote IP, but if it's blank, then all unknown destination will be over vpn.


Am I thinking right?
Kind of. It's just rule matching and blank means ALL and both needs to be met for the rule to apply.


If so, would I have to create a thousand rules for each of Netflix's numerous IP addresses?
Yep. Last I checked it had accumulated 2500 ipv4 and 1500 ipv6 for netflix.
Other methods than vpn director is needed which is available in addon section:
https://www.snbforums.com/threads/domain-vpn-routing-v3-0-4-release.92029/post-927927

Or if you prefer to do it manually:
https://github.com/ZebMcKayhan/WireguardManager?tab=readme-ov-file#create-and-setup-ipsets
 
Last edited:
Empty translates to ALL. If Local IP (source) is empty it will apply to all sources (lan, guest nw, vpn clients, router itself et.c). Same for Remote IP (destinations).
If Local IP is lan_ip/24 it will only apply to your lan clients and none of the other.



Well, only those covered by Remote IP, but if it's blank, then all unknown destination will be over vpn.



Kind of. It's just rule matching and blank means ALL and both needs to be met for the rule to apply.



Yep. Last I checked it had accumulated 2500 ipv4 and 1500 ipv6 for netflix.
Other methods than vpn director is needed which is available in addon section:
https://www.snbforums.com/threads/domain-vpn-routing-v3-0-4-release.92029/post-927927

Or if you prefer to do it manually:
https://github.com/ZebMcKayhan/WireguardManager?tab=readme-ov-file#create-and-setup-ipsets
Thanks for the explanation and the pointers. There goes another weekend :)
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Back
Top