What's new

VPN Director on ASUS AX88-U

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Svalbaard

Occasional Visitor
Hello everyone. I hope I have posted this in the right section rather than the ASUSWRT specific section.

I have just upgrade to Merlin 386.3 and am liking the VPN director functionality. On the previous versions however, every device behind my router used to be forced to go through a VPN interface. If I wanted to exclude any single device so it instead went through the standard WAN, then I'd have to turn the VPN profile off, hence forcing all devices to go then go through the WAN interface rather than the VPN interface. I could not ever seem to create a rule (that actually worked) that simply forced one device through the WAN, and everything else to go through the VPN.

Using VPN Director, it seems I'm in the same place in that to achieve this I'd need to create a separate rule for every device on my network, for every VPN interface (I generally have 3 OVPN client interfaces configured on the router) so for example I have network 10 devices I'd potentially need to create 30 rules (10 devices x 3 OVPN profiles) - and also create a specific rule also for the device that I only want to go through the WAN interface.

Notwithstanding that some of these use DHCP which means that those IP addresses might change, am I into a world of constant rule management? Also if I wanted to add a new OVPN profile then I'd also have to recreate another set of 10 or so rules.

So my question is (I guess) I there an easier way to exclude any single device to force it through the WAN, and have everything else go through the VPN interface(s)?

I hope that makes sense. If so, am I missing something obvious?

Many thanks in advance.




Sval
 
... may be look to assign a static IP for the one device you want to go to WAN, and use CIDR to direct all others to VPN ....
 
I could not ever seem to create a rule (that actually worked) that simply forced one device through the WAN, and everything else to go through the VPN.

All that's required is two rules. One that routes *everything* through the VPN, and another that routes that one device over the WAN. Even though everything is routed over the VPN, the WAN rule will take precedence over the VPN rule for that one device.

192.168.1.0/24 VPN
192.168.1.100 WAN
 
To add to the question, what if I wanted to specific device (my TV) to go through a different VPN? My setting is like this, but it doesnt work - the specified device still uses VPN1:

192.168.1.0/24 VPN1
192.168.1.100 VPN2
 
Thanks, but that does not work unfortunately. As soon as you add a rule with an IP like xxxx/24, it will always add it to the top of the list - even when you have created a rule for a specific device before.
 
Update: I played around with it some more and also reversed the order of the VPN connections itself. I added the VPN that I wanted to use for a specific device first (VPN1), then the VPN that I want to use for all other devices (VPN2). That way it works like a charm. I guess this is what you wer trying to tell me? :)

My setup now looks like this, which works great:

Screenshot 2021-08-03 115808.jpg
 
Sorry for the delay in response, but just wanted to thank you all for your help. Your combined advice worked a treat and I now have it all working as I want.

Thanks again.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top