Voxel VPN connection problem

[kamoj]

BYPASS THE OPENVPN-CLIENT FOR SPECIFIC CONNECTION:

The easy way 1:
If you use Netflix on a TV or TV-box e.g. that is connected directly to the router.
If the TV is connected to e.g. "LAN port 3" (on the back of the router),
you can easy bypass the openvpn by doing this setting in the router WEB-GUI:

Advanced: Advanced Setup: VLAN/Bridge Settings:
Enable VLAN/Bridge group: By bridge group: Port3
Apply

(Available ports are: Port1 Port2 Port3 Port4 WiFi-2.4G WiFi-5G)

BYPASS THE OPENVPN-CLIENT FOR SPECIFIC DEVICE(S):
The easy way 2:
Install the Kamoj add-on and just add the word "NOVPN" to the device name.
https://www.snbforums.com/threads/k...800-x4s-and-r9000-x10-temperatures-a-o.55063/
See "Bypassing the OpenVPN client tunnel" for details.


BYPASS THE OPENVPN-CLIENT FOR SPECIFIC IP-ADDRESSES:
The more advanced way:
Bypass e.g. TV or traffic to/from a specific local IP-address:

• Make a list of which IP-address your devices have.
  IP-address can be found in the device itself or in the router WEB-GUI
  (Advanced: Advanced Setup: Security: Access Control or
  Basic: Attached Devices).
  
  
• Add the following lines (before the line "exit 0") to the router file: /etc/rc.local
  (Several IP-addresses can be added, just put a blank/space character between each) :
  

  NO_VPN_LST="192.168.1.8 192.168.1.11 192.168.1.12"
  NOVPN_TABLE="200"
  WAN_GWAY=`ip route | awk '/^default/{print $3}'`
  for excludeip in $NO_VPN_LST; do [ $(ip rule list | grep "${excludeip} lookup $NOVPN_TABLE" | wc -l) = "0" ] && ip rule add from ${excludeip} table $NOVPN_TABLE; done
  ip route add default via $WAN_GWAY dev `ip route | awk '/^default/{print $NF}'` table $NOVPN_TABLE
  ip route flush cache

• Then reboot the router

what im stuck on now is how to get Netflix and my xfinity app working after installing/using openvpn-client. Both of these services will not load and give error codes i.e " It indicates that our systems have detected that you are connecting via a VPN, proxy, or “unblocker” . Any suggestions ?

 

[eevanskiteboards]

Kamoj, thank you very much for helping me! I will will attempt this later today.

 

[eevanskiteboards]

ok i followed you last instruction (thanks). after i rebooted the router and logged into your debug page(thanks, amazing tool) . it said OpenVPN Client Status: not started too many clients in red color (or something like that). I then used telnet to stop/start openvpn-client , re checked the debug page and everything is functioning properly !!!! both tv's work with netflix/xfinity without errors!!!! thank you

I do have a question for you though: why did you have me edit the /etc/rc.local file vs the instructions in the readme guide for bypassing the openvpn tunnel /etc/openvpn/ovpnclient-up.sh file?

 

[kamoj]

Very good!

ok i followed you last instruction (thanks). after i rebooted the router and logged into your debug page(thanks, amazing tool) . it said OpenVPN Client Status: not started too many clients in red color (or something like that). I then used telnet to stop/start openvpn-client , re checked the debug page and everything is functioning properly !!!! both tv's work with netflix/xfinity without errors!!!! thank you

why did you have me edit the /etc/rc.local file vs the instructions in the readme guide for bypassing the openvpn tunnel /etc/openvpn/ovpnclient-up.sh file?

I was in the rc.local mode.
If you want to add it to the ovpnclient-up.sh, you should use an extended set of commands to take care of the case where your vpn is going up and down between reboots:

NO_VPN_LST="192.168.1.8 192.168.1.11 192.168.1.12"
NOVPN_TABLE="200"
WAN_GWAY=`ip route | awk '/^default/{print $3}'`
while [ $(ip route list table $NOVPN_TABLE default | grep "default" | wc -l) != "0" ]; do ip route del table $NOVPN_TABLE default 2>/dev/null; done
while [ $(ip route list table $NOVPN_TABLE | grep "default" | wc -l) != "0" ]; do ip route del table $NOVPN_TABLE 2>/dev/null; done
while [ $(ip rule list | grep "lookup $NOVPN_TABLE" | wc -l) != "0" ]; do ip rule del table $NOVPN_TABLE 2>/dev/null; done
ip route flush cache
sleep 1
for excludeip in $NO_VPN_LST; do [ $(ip rule list | grep "${excludeip} lookup $NOVPN_TABLE" | wc -l) = "0" ] && ip rule add from ${excludeip} table $NOVPN_TABLE; done
ip route add default via $WAN_GWAY dev `ip route | awk '/^default/{print $NF}'` table $NOVPN_TABLE
ip route flush cache

 

[Lord_Vader]

Kamoj, if I use the bridge settings, will I lose LAN connectivity? E.g. I have a Netgear switch connected to port 4 on R7800. Port 4 goes to my Nvidia Shield, TV and Yamaha receiver. The Shield needs access to my NAS on port 1.

Advanced: Advanced Setup: VLAN/Bridge Settings:
Enable VLAN/Bridge group: By bridge group: Port4
Apply

 

[stephen provancal]

Kamoj, if I use the bridge settings, will I lose LAN connectivity? E.g. I have a Netgear switch connected to port 4 on R7800. Port 4 goes to my Nvidia Shield, TV and Yamaha receiver. The Shield needs access to my NAS on port 1.

Advanced: Advanced Setup: VLAN/Bridge Settings:
Enable VLAN/Bridge group: By bridge group: Port4
Apply

I was not able to get my devices on the bridge to see the LAN. The IP addresses were completely different and I could not get the devices on the bridge to see the files shared on my USB drive plugged into the router. But I am a noob so it may be possible to do.


I have been trouble getting a port forwarded to a device that is bypassing the VPN using @kamoj script. Before setting up the VPN and bypass, I would get SSH access to a personal server by connecting to port 69 from outside my network and having that port forward to port 22 on the local IP of my server. Now that I have VPN enabled and my server bypassing the VPN, the port does not seem to get forwarded correctly using the webGUI. How would I forward this port correctly/manually so that it works when using VPN bypass script?

Thanks in advance

 

[farenheit]

This might sound like a daft question but, how do i find the IP of my netgear switch?
Also, if i bypass the vpn for my netgear switch, am i right in thinking everything connected to it will bypass the VPN?
Is it not possible to bypass using MAC address? My thinking is that the bypass will persist on a reboot incase IP address gets reassigned.

 

[farenheit]

Also how do i access the rc.local file on a R9000?

NO_VPN_LST="192.168.1.8 192.168.1.11 192.168.1.12"
NOVPN_TABLE="200"
WAN_GWAY=`ip route | awk '/^default/{print $3}'`
for excludeip in $NO_VPN_LST; do [ $(ip rule list | grep "${excludeip} lookup $NOVPN_TABLE" | wc -l) = "0" ] && ip rule add from ${excludeip} table $NOVPN_TABLE; done
ip route add default via $WAN_GWAY dev `ip route | awk '/^default/{print $NF}'` table $NOVPN_TABLE
ip route flush cache

 

[CaptainSTX]

This might sound like a daft question but, how do i find the IP of my netgear switch?
Also, if i bypass the vpn for my netgear switch, am i right in thinking everything connected to it will bypass the VPN?
Is it not possible to bypass using MAC address? My thinking is that the bypass will persist on a reboot incase IP address gets reassigned.

If it is an unmanaged switch then it doesn't have an IP. Even if does have an IP (semi managed smart switch ) having it bypass the VPN tunnel won't result in devices connected to it automatically bypassing the VPN tunnel as the router on most normal networks is in charge of assigning LAN IPs.

 

[farenheit]

Just to add when i make the following changes on my R9000 i lose internet all together on that LAN (no2)
Do i need to have any additional packages installed other that Voxel .15 HW?
Would it make a difference if it's a powerline adapter connection?

Advanced: Advanced Setup: VLAN/Bridge Settings:
Enable VLAN/Bridge group: By bridge group: Port2
Apply