Solved VPN Director

macster2075

Very Senior Member
Quick question on the VPN Director. It's been working great.. I was looking for a way to point all devices to OpenVpn for a specific server.
I am using 192.168.1.0/24 for all devices except 3 of them which are connecting only to the WAN.

VPND1.jpg


I noticed if I would want for another device to connect to a different server using OVPN2, like below...
The Test device pointing to OVPN2 will only connect to OVPN1.

I thought the VPN Director would allow me to point any device where I want.

Test device will only connect to the OVPN2 if I don't have 192.168.1.0/24 which I understand is for the entire network, but why does the Director apply the rules differently?
If I point the Test device to WAN, then it will connect to WAN, but not to anything else (except OVPN1)... why is that?

VPND2.jpg
 

fryedchikin

Regular Contributor
If I remember correctly, WAN rules take priority over VPN rules. If you have conflicting routes for VPN the router has no way of knowing which one you want to take priority. You could narrow down your DHCP scope to free up some addresses to test with and still have one rule to route everything else over VPN.
 

RMerlin

Asuswrt-Merlin dev
why is that?
Because of client priorities:


WAN rules have the highest priority. After that, Client 1 has the first priority. Client 2 rules would be applied only after these.

So in your case, you would need to swap the two OpenVPN clients.
 

macster2075

Very Senior Member
Thanks Merlin.. makes sense now.. and great read on that wiki!
 

TonyK132

Senior Member
Is there a way to backup and restore the VPN Director rules from a directory somewhere? I reset my configuration and now I'm trying to get back to the config as it was before.
 
Last edited:

RMerlin

Asuswrt-Merlin dev
Code:
cp /jffs/openvpn/vpndirector_rulelist /mnt/SOME_USB_DISK/
 

macster2075

Very Senior Member
@RMerlin I point all my traffic to the OVPN1, which includes the machine running Pihole. Should I point the Pihole to WAN or it doesn't matter?
 

RMerlin

Asuswrt-Merlin dev
@RMerlin I point all my traffic to the OVPN1, which includes the machine running Pihole. Should I point the Pihole to WAN or it doesn't matter?
Up to you. Depends if you want all the traffic from that PiHole instance to be redirected through the VPN. But keep in mind that the more complicated the setup, the more likely for something to eventually break.
 

macster2075

Very Senior Member
Oh ok. I've had it like this for some time and I haven't noticed anything strange. I just wasn't sure if I had to point it to the WAN or whether it mattered or interfered with anything or not.
 

Mr. Boniato

Occasional Visitor
I point all my traffic to the OVPN1, which includes the machine running Pihole. Should I point the Pihole to WAN or it doesn't matter?
If your router didn't have the option to point devices to WAN or VPN, the router will auto point devices to the WAN.
So just point Pihole to the WAN and you'll be OK.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top