RT-AC68U use OpenVPN Client connection for specific hostname

[angeldev]

Hi all,

I bought a VPN service for privacy reasons and I would like to use it for specific hostnames.
I saw that in the VPN settings you have the possibility to force the internet connection traffic based on IP Address (You can use both source and destination address), is there a way to specify the list of hostnames to include or exclude for the VPN tunneling?

Thanks a lot in advance.

 

[Jeffrey Young]

Is this what you are looking for?

‎https://github.com/RMerl/asuswrt-merlin.ng/wiki/Static-ip-for-OpenVPN-clients

 

[angeldev]

Is this what you are looking for?

‎https://github.com/RMerl/asuswrt-merlin.ng/wiki/Static-ip-for-OpenVPN-clients

Hi Jeffrey, thanks for your answer. Unfortunately this is not what I'm looking for.
In my case the RT-AC68U acts as a VPN client (is connected to a server) and I want to redirect the traffic of my LAN hosts through the VPN tunnel using specific policies that include or exclude some hostnames.

Let me give you an example:

• Suppose that you have two clients in the LAN host1 and host2
• I would apply a policy that enforce all the LAN traffic (h1 and h2) through the VPN tunnel for *.netflix.com
• Another possibility is to enforce all the LAN traffic through the VPN tunnel except for some hostname like *.netflix.com, *.example.com, etc.

I hope that I've clarified a little bit my request.
Thanks again for the support.

 

[Martineau]

Hi Jeffrey, thanks for your answer. Unfortunately this is not what I'm looking for.
In my case the RT-AC68U acts as a VPN client (is connected to a server) and I want to redirect the traffic of my LAN hosts through the VPN tunnel using specific policies that include or exclude some hostnames.

Let me give you an example:

• Suppose that you have two clients in the LAN host1 and host2
• I would apply a policy that enforce all the LAN traffic (h1 and h2) through the VPN tunnel for *.netflix.com
• Another possibility is to enforce all the LAN traffic through the VPN tunnel except for some hostname like *.netflix.com, *.example.com, etc.

I hope that I've clarified a little bit my request.
Thanks again for the support.

see x3mRouting ~ Selective Routing for Asuswrt-Merlin Firmware

 

[Jeffrey Young]

Ok, thanks. I got it.

In the client GUI, turn on strict policy rule as per below. Additional rule windows will open up for you;

Also have a browse through this website. You can put a whole host of OpenVPN directives in the custom config field (don't need the --) that allows to customize the VPN client to your needs.

https://openvpn.net/community-resources/how-to/

I don't use OpenVPN, but I have seen many posts on this site with many examples. Just need to do a little searching.

 

[Martineau]

Ok, thanks. I got it.

In the client GUI, turn on strict policy rule as per below. Additional rule windows will open up for you;

View attachment 23557

Also have a browse through this website. You can put a whole host of OpenVPN directives in the custom config field (don't need the --) that allows to customize the VPN client to your needs.

https://openvpn.net/community-resources/how-to/

I don't use OpenVPN, but I have seen many posts on this site with many examples. Just need to do a little searching.

This doesn't work as the OP specified

VPN tunnel for *.netflix.com
​

and the Selective Routing GUI only works for static target destination IP addresses not domain names.

 

[Jeffrey Young]

This doesn't work as the OP specified

VPN tunnel for *.netflix.com
and the Selective Routing GUI only works for static target destination IP addresses not domain names.

Good to know, thanks @Martineau