What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Trying to setup a vpn killswitch but not having any luck

R

Rick7C2

Occasional Visitor
Right now I have my vpn setup so only 192.168.1.200-192.168.1.249 use vpn.

In addition to that rule the vpn is bypassed if the destination ip is in my ipset.

I'm trying to setup a killswitch that blocks internet access for only the ip's above and only if the destination ip doesn't match my ipset.

I've tried...
Code: 
# Reject all non white listed connections from vpned ip's from outgoing wan interface.
iptables -I FORWARD -i br0 -m iprange --src-range 192.168.1.200-192.168.1.249 ! -m set --set bypass_vpn dst -o $(nvram get wan_iface) -j REJECT --reject-with icmp-host-prohibited
But I can't get the ! to work.


I've also tried
Code: 
# Allow whitlisted connections from vpned ip's from outgoing wan interface
iptables -I FORWARD -i br0 -m iprange --src-range 192.168.1.200-192.168.1.249 -m set --set bypass_vpn dst -o $(nvram get wan_iface) -j ALLOW

# Reject all connections from vpned ip's from outgoing wan interface.
iptables -I FORWARD -i br0 -m iprange --src-range 192.168.1.200-192.168.1.249 -o $(nvram get wan_iface) -j REJECT --reject-with icmp-host-prohibited

But this doesn't stop the internet access when vpn is off.

What am I doing wrong?
 
You must log in or register to reply here.

Similar threads

T
Internet connection via ISP despite existing VPN connection in the Asus RT-AC 86U
Replies
5
Views
628
tom
T
Nick B
Allowing Incoming WAN Connections for WireGuard Client Listed in Director
Replies
7
Views
2K
arkywein
A
M
ASUS Merlin iptables rule not applying.
Replies
11
Views
5K
Boysa22
B
R
One router, two segments desired.
Replies
4
Views
1K
Rombo
R
J
IPTables allow access to specific ports from tun21 to new bridge
Replies
5
Views
2K
eibgrad
eibgrad
Similar threads
Thread starter Title Forum Replies Date
J trying to setup vpn client Asuswrt-Merlin 2
D Trying to understand Guest Network Pro limitations Asuswrt-Merlin 39
M NEXTDNS setup questions Asuswrt-Merlin 1
L Need help/advice for RT-AX3000 and Verizon 5g home setup Asuswrt-Merlin 0
E Wireguard to PiHole setup Asuswrt-Merlin 10
B Please Help - OpenVPN Site-to-Site and Remote Access Setup – One Client, Two Servers (Asus RT-AC68U, Merlin 386.14_2) Asuswrt-Merlin 0
J Guest Network Pro on RT-AX88U Pro IoT VLAN Setup with TP-Link TL-SG1008 Unmanaged Switch Asuswrt-Merlin 8
F How do setup vlans on gt-ax16000 running merlin? Asuswrt-Merlin 4
J VPN Client Setup Asuswrt-Merlin 1
Z 2 mesh networks setup Asuswrt-Merlin 11

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 805 (members: 23, guests: 782)
Back
Top