Unable to Route Clients Through VPN From Guest Network 1


maddog28

New Around Here
First post on here, been following for years and found most answers.

Running 4b on AX88U and unable to route Guest Network 1 clients through the VPN. In OpenVPN, set to strict policy routing and set the entire guest network 1 subnet (since guest 1 gives an entirely new subnet) to route through VPN. Unfortunately, after setting this policy rule, all guest clients get blocked from accessing the internet at all.

Even when specifying specific clients on the guest network to route through the VPN, internet access is blocked for those specified guest clients.

When using guest network 2, everything works as advertised.

I am running a mesh network and I want clients that are farther away to connect to the mesh node guest network and then through the VPN for added security.

While I am assuming that the new subnet and guest 1 have something to do with it, just wanted to run it by the experts here to get your thoughts.

Thanks for any assist!
 

ColinTaylor

Part of the Furniture
Maybe you should have posted this in the Beta thread.
 

Jack Yaz

Part of the Furniture
If I had to guess, Asus' new guest implementation creates a new bridge, and policy routing applies to br0. You could try running something like
Code:
ip route add 192.168.51.0/24 dev br1 proto kernel table ovpnc1 src 192.168.51.1
to see if this helps. Replace the IP subnet and ovpnc1 accordingly (ovpnc1 being client 1).
EDIT: I'm hoping to make YazFi AiMesh 2.0 compatible for syncing Guest 1 to nodes once 386 is stable, so you won't need to worry about command line stuff if I'm successful :)
 

maddog28

New Around Here
Jack Yaz said:
If I had to guess, Asus' new guest implementation creates a new bridge, and policy routing applies to br0. You could try running something like
Code:
ip route add 192.168.51.0/24 dev br1 proto kernel table ovpnc1 src 192.168.51.1
to see if this helps. Replace the IP subnet and ovpnc1 accordingly (ovpnc1 being client 1).
EDIT: I'm hoping to make YazFi AiMesh 2.0 compatible for syncing Guest 1 to nodes once 386 is stable, so you won't need to worry about command line stuff if I'm successful :)

Thanks for the command line. I put that in and got no response from PuTTY (not sure if one is given, new to SSH). Tried to route the clients and had the same issues as in the OP.
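
Added example, not part of any post in this thread: `ip route add` prints nothing on success, so the suggested route has to be confirmed by inspecting `ip rule show` and `ip route show table ovpnc1`. The script below parses that output for the guest subnet; the rule priority, `tun11`, `10.8.0.1` and the `192.168.50.0/24` LAN are constructed sample values, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Subnet, bridge and table name are the ones from the post;
# the sample outputs are constructed, not captured from a real router.

# Succeeds if the rules text has "from SUBNET lookup TABLE".
has_rule() {  # $1=rules text  $2=subnet  $3=table
    printf '%s\n' "$1" | awk -v s="$2" -v t="$3" '
        { for (i = 1; i + 3 <= NF; i++)
              if ($i == "from" && $(i+1) == s && $(i+2) == "lookup" && $(i+3) == t) ok = 1 }
        END { exit !ok }'
}

# Succeeds if the table text has a route to DEST (optionally via device DEV).
has_route() {  # $1=table text  $2=dest  $3=device, "" for any
    printf '%s\n' "$1" | awk -v d="$2" -v dev="$3" '
        $1 == d { for (i = 2; i < NF; i++)
                      if ($i == "dev" && (dev == "" || $(i+1) == dev)) ok = 1 }
        END { exit !ok }'
}

# Prints the first thing missing for the guest subnet, or "ok".
diagnose() {  # $1=rules  $2=table text  $3=subnet  $4=bridge  $5=table
    has_rule  "$1" "$3" "$5"   || { echo missing-rule; return 0; }
    has_route "$2" default ""  || { echo missing-default; return 0; }
    has_route "$2" "$3" "$4"   || { echo missing-connected-route; return 0; }
    echo ok
}

# Constructed samples (priority 10101, tun11, 10.8.0.1 and the br0 LAN are made up).
RULES='0: from all lookup local
10101: from 192.168.51.0/24 lookup ovpnc1
32766: from all lookup main'
TABLE_BEFORE='default via 10.8.0.1 dev tun11
192.168.50.0/24 dev br0 proto kernel scope link src 192.168.50.1'
TABLE_AFTER="$TABLE_BEFORE
192.168.51.0/24 dev br1 proto kernel scope link src 192.168.51.1"

diagnose "$RULES" "$TABLE_BEFORE" 192.168.51.0/24 br1 ovpnc1   # missing-connected-route
diagnose "$RULES" "$TABLE_AFTER"  192.168.51.0/24 br1 ovpnc1   # ok

# On the router, feed it the live output instead of the samples:
# diagnose "$(ip rule show)" "$(ip route show table ovpnc1)" 192.168.51.0/24 br1 ovpnc1
```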
 
