Second router as VPN gateway

rmon

New Around Here
I would like to connect only a few devices on my network to a VPN. My Asus router allows either all devices to connect to the VPN, or none.
I can't use the Merlin or DD-WRT firmwares because I am using aimesh.

Can I use a spare Asus router as a VPN Gateway? I am planning to use it as the default gateway only for those devices that I want to connect to the VPN.

I can't figure out how to configure the IP addresses so that the VPN gateway can be reached by the same subnet of my main router, but uses this main router to connect to the Internet.
Basically it would need to use the same subnet both on the LAN and on the WAN side for the VPN gateway.

Is this possible?

Thanks for helping
 
    Basically it would need to use the same subnet both on the LAN and on the WAN side for the VPN gateway.

    Is this possible?

    Thanks for helping

This makes no sense. BY DEFINITION, when you have a WAN and LAN, you have a routing configuration, which means the two sides necessarily must have different IP networks (subnets), which is why you need the routing in the first place. If the two sides share the same network, then they are necessarily SWITCHED, not routed.

What you can do is use a secondary router as a VPN gateway by patching its LAN side to the existing LAN, having it connect to a VPN server over the WAN of the primary router, then configuring select LAN clients to use it (instead of their default gateway on the primary router) as their gateway. IOW, those clients always use the VPN router as their gateway, which in turn routes them over the primary router's WAN. The best way to handle it is to configure exceptions in DHCP (via DNSMasq) to give those clients the VPN router's IP address instead of the primary router as their default gateway. In some cases, you could also statically configure clients, but that's often impossible (e.g., mobile devices), or impractical.

One additional change I would make is to NAT those same clients of the VPN router over to the primary router so that they send their replies back to it, which then returns those replies to the client. If you don't, then the replies from the primary router will bypass the VPN router completely. And while it will still work, you'll end up w/ lots of dangling connections on the VPN router (which eventually will timeout). It's just cleaner to avoid that by NATing the traffic as it comes into the VPN router and is sent over to the primary router.
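The setup described in the reply above, written out as configuration, as an added example that is not from the thread or from any poster. It assumes hypothetical addresses and interface names: LAN 192.168.1.0/24, primary router 192.168.1.1, VPN router 192.168.1.2 on its LAN side only, tunnel interface tun11 and LAN bridge br0 (the Asuswrt names for OpenVPN client 1 and the LAN bridge). The dnsmasq part goes on the primary router, which stays the only DHCP server; the iptables part goes on the VPN router. The client MACs are constructed sample data.

```shell
#!/bin/sh
# Added example, not from the thread: a second router acting as VPN gateway on the
# existing LAN, the way the reply above describes. Hypothetical values:
#   LAN subnet                 192.168.1.0/24
#   primary router (DHCP, GW)  192.168.1.1
#   VPN router, LAN side only  192.168.1.2 (its WAN port stays unused)
#   OpenVPN client tunnel      tun11 (Asuswrt naming for VPN client 1)
#   LAN bridge on the router   br0
LAN_NET=192.168.1.0/24
VPN_GW=192.168.1.2
TUN_IF=tun11
LAN_IF=br0

# Constructed sample: MAC and hostname of each client that should use the VPN.
VPN_CLIENTS="aa:bb:cc:dd:ee:01 laptop
aa:bb:cc:dd:ee:02 mediabox"

# dnsmasq directives for the PRIMARY router (e.g. /jffs/configs/dnsmasq.conf.add on
# Asuswrt): the listed MACs get the tag "vpn", and tagged leases carry the VPN
# router in DHCP option 3 (router). Untagged clients keep the primary router.
dnsmasq_directives() {
    printf '%s\n' "$VPN_CLIENTS" | while read -r mac name; do
        [ -n "$mac" ] || continue
        printf 'dhcp-host=%s,set:vpn,%s\n' "$mac" "$name"
    done
    printf 'dhcp-option=tag:vpn,3,%s\n' "$VPN_GW"
}

# NAT rules for the VPN router. Rule 1: client traffic entering the tunnel is
# masqueraded to the tunnel address. Rule 2: anything the VPN router forwards back
# out its LAN interface toward the primary router (off-LAN destinations) is
# masqueraded to the VPN router's own address, so the primary router's replies come
# back through the VPN router instead of straight to the client, and no half-open
# connections pile up in its connection table.
vpn_router_nat_rules() {
    cat <<EOF
iptables -t nat -A POSTROUTING -s $LAN_NET -o $TUN_IF -j MASQUERADE
iptables -t nat -A POSTROUTING -s $LAN_NET -o $LAN_IF ! -d $LAN_NET -j MASQUERADE
EOF
}

# Optional hardening beyond what the thread asks for: without it, VPN clients are
# forwarded in the clear via the primary router whenever the tunnel is down. This
# drops forwarded off-LAN traffic that is not leaving through the tunnel.
vpn_router_killswitch_rule() {
    printf 'iptables -I FORWARD -i %s -o %s ! -d %s -j DROP\n' "$LAN_IF" "$LAN_IF" "$LAN_NET"
}

echo "# primary router, dnsmasq:"
dnsmasq_directives
echo "# VPN router, firewall-start:"
vpn_router_nat_rules
vpn_router_killswitch_rule
```

On the VPN router, give the LAN interface the static address 192.168.1.2 with 192.168.1.1 as its gateway, disable its DHCP server (two DHCP servers on one LAN will fight), and set its OpenVPN client to redirect all Internet traffic into the tunnel; otherwise rule 2 is the only thing keeping the return path symmetric and the clients are not actually on the VPN.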
 
