I just set up vpn1 client and vpn2 client, both using policy, and no conflicts between the two. Again as first post, however after a reboot, ssh goes through the vpn as expected.
This is on 380.57.2_HGG-FINAL (AC68U)
Bottom line is - reboot after making changes if using multiple vpn clients.
(vpnrouting.sh): 5255 Patched by John9527/Martineau vpnrouting.sh
openvpn-routing: Configuring policy rules for client 1 to 113.29.228.130
openvpn-routing: Creating VPN routing table
openvpn-routing: Removing routes 0.0.0.0/1,128.0.0.0/1 from table main
openvpn-routing: Removing rule 1101 from routing policy
openvpn-routing: Added 172.0.0.1 to 0.0.0.0 through VPN to routing policy
openvpn-routing: Added 172.0.0.99 to 0.0.0.0 through VPN to routing policy
openvpn-routing: Setting default route 10.200.5.11 for table 111
openvpn-routing: Setting VPN Server 1 route 10.8.0.0/24 for table 111
openvpn-routing: Setting VPN Client bridge route 10.3.0/24 for table 111
openvpn-routing: Completed routing policy configuration
ip rule
0: from all lookup local
900: from 10.3.0.0/24 lookup hma
1101: from 172.0.0.1 lookup hma
1102: from 172.0.0.99 lookup hma
1301: from 172.0.0.2 lookup vpn2
32766: from all lookup main
32767: from all lookup default
(vpnrouting.sh): 5616 Patched by John9527/Martineau vpnrouting.sh
openvpn-routing: Configuring policy rules for client 2 to 192.157.56.146
openvpn-routing: Creating VPN routing table
openvpn-routing: Removing routes 0.0.0.0/1,128.0.0.0/1 from table main
openvpn-routing: Removing rule 1301 from routing policy
openvpn-routing: Added 172.0.0.2 to 0.0.0.0 through VPN to routing policy
openvpn-routing: Added 172.0.0.99 to 0.0.0.0 through VPN to routing policy
openvpn-routing: Tunnel re-established, restoring WAN access to VPN clients
openvpn-routing: Setting default route 10.200.5.77 for table 112
openvpn-routing: Setting VPN Server 1 route 10.8.0.0/24 for table 112
openvpn-routing: Setting VPN Client bridge route 10.3.0/24 for table 112
openvpn-routing: Completed routing policy configuration
ip rule
0: from all lookup local
900: from 10.3.0.0/24 lookup hma
1101: from 172.0.0.1 lookup hma
1102: from 172.0.0.99 lookup hma
1301: from 172.0.0.2 lookup vpn2
1302: from 172.0.0.99 lookup vpn2
32766: from all lookup main
32767: from all lookup default
(vpnrouting.sh): 5943 Patched by John9527/Martineau vpnrouting.sh
openvpn-routing: Configuring policy rules for client 1 to 113.29.228.130
openvpn-routing: Creating VPN routing table
openvpn-routing: Removing routes 0.0.0.0/1,128.0.0.0/1 from table main
openvpn-routing: Removing rule 1101 from routing policy
openvpn-routing: Removing rule 1102 from routing policy
openvpn-routing: Added 172.0.0.1 to 0.0.0.0 through VPN to routing policy
openvpn-routing: Setting default route 10.200.5.11 for table 111
openvpn-routing: Setting VPN Server 1 route 10.8.0.0/24 for table 111
openvpn-routing: Setting VPN Client bridge route 10.3.0/24 for table 111
openvpn-routing: Completed routing policy configuration
ip rule
0: from all lookup local
900: from 10.3.0.0/24 lookup hma
1101: from 172.0.0.1 lookup hma
1301: from 172.0.0.2 lookup vpn2
1302: from 172.0.0.99 lookup vpn2
32766: from all lookup main
32767: from all lookup default
Thanks, Martineau, for trying it out. So yes, after I change a policy setting and hit apply with one of the two VPN clients running, ssh no longer goes through the VPN (nor does the Minecraft game). There is no conflict in policy.
You can see this when you log into a machine outside your WAN, by typing ss -tp.
So let's say my desktop is running behind my router. I have two VPN clients running using policy on the router's GUI. I set up the vpn1 client to route my desktop to vpn1, and I set the vpn2 client policy on the router to route a raspi to a different VPN (vpn2). Everything works fine at this point. I decide I want to add another device behind my LAN to go through vpn1 or vpn2. I make changes in the GUI, no conflicts, hit apply and wait, but do not reboot. Next I open a terminal on the desktop and type ssh name@host (a VPS outside my LAN). After I log in I type ss -tp and it shows my router's edge ISP IP. To fix: I reboot the router. After reboot everything is good again.
I appreciate your time checking to see if you can replicate.
Edit: I just retested the bug again. Just like above, I made a change to vpnclient1 (added another device to the policy), hit apply (desktop and another device now going through vpnclient1), opened a terminal, and SSH no longer goes through vpnclient1. I can make changes to vpnclient2 without it affecting devices on vpnclient1, it seems.
add another device behind my lan to go through vpn1 or vpn2.
ip route show table 111
default via 10.200.5.77 dev tun11
and
ip route show table 112
default via 10.200.5.77 dev tun12
created from
ip route
<snip>
10.200.4.0/22 dev tun11 proto kernel scope link src 10.200.5.11
10.200.4.0/22 dev tun12 proto kernel scope link src 10.200.5.77
<snip>
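A check to run after hitting Apply, as an added example that is not part of any post in this thread: it walks `ip rule` output to find which routing table a LAN client's traffic selects, and flags connected subnets that sit on more than one tun device, as in the `ip route` output above. The rule and route text is copied from the outputs quoted in the thread; 172.0.0.50 is a constructed address with no policy rule, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: post-Apply sanity checks for selective VPN routing.
# RULES and ROUTES are copied from the outputs quoted in this thread.
RULES='0: from all lookup local
900: from 10.3.0.0/24 lookup hma
1101: from 172.0.0.1 lookup hma
1301: from 172.0.0.2 lookup vpn2
1302: from 172.0.0.99 lookup vpn2
32766: from all lookup main
32767: from all lookup default'
ROUTES='10.200.4.0/22 dev tun11 proto kernel scope link src 10.200.5.11
10.200.4.0/22 dev tun12 proto kernel scope link src 10.200.5.77'

# Print the first table (other than "local") whose rule selects host $2.
# Simplification: only exact host selectors and "from all" are matched;
# prefix selectors such as 10.3.0.0/24 are not evaluated.
table_for_src() {
    printf '%s\n' "$1" | awk -v ip="$2" '
        $2 == "from" && $4 == "lookup" && $5 != "local" &&
        ($3 == ip || $3 == (ip "/32") || $3 == "all") { print $5; exit }'
}

# Print each connected subnet that appears on more than one tun device.
shared_tun_subnets() {
    printf '%s\n' "$1" | awk '
        $2 == "dev" && $3 ~ /^tun/ { devs[$1] = devs[$1] " " $3; n[$1]++ }
        END { for (s in n) if (n[s] > 1) print s ":" devs[s] }'
}

# Compare the table each policy client should use (args: ip=table) with
# the table the rules select. "main" means no policy rule matched, so the
# client follows the main table (the WAN in policy mode) instead of a tunnel.
check_policy() {
    rc=0
    for pair in "$@"; do
        src=${pair%%=*}; want=${pair#*=}
        got=$(table_for_src "$RULES" "$src")
        [ "$got" = "$want" ] || { echo "LEAK? $src uses $got, expected $want"; rc=1; }
    done
    return $rc
}

# 172.0.0.50 is constructed: a client expected on hma that has no rule.
check_policy 172.0.0.1=hma 172.0.0.2=vpn2 172.0.0.50=hma || true
shared_tun_subnets "$ROUTES"
```

On the router, feed the functions live data with `RULES=$(ip rule)` and `ROUTES=$(ip route)` in place of the embedded samples.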