VPN Issues

[DoZZa]

Hello,

I have an RT-AC66U with Merlin's latest BETA build installed.

My VPN provider is Giganews, a VyprVPN service which includes a NAT Firewall.

I have managed to successfully setup my VPN on the router using the OpenVPN UI.

All devices can connect to the internet with no problems.

However, I have some services running on the network such as FTP and some CCTV system that I need to access remotely.

With the VPN disabled I can access these services from a remote network with no problems.

But once the VPN is enabled I am not longer able to connect to any of the services.

I have done all the port forwarding on the router but still cannot access the services with the VPN enabled.

Here is an image of my settings on the router.

I am pretty much lost with all of this and could really do with you help.

Thanks in advance,

DoZZa

 

[DoZZa]

I have been messing about with this for the last 6 hours and I am getting nowhere!

I am really lost here and my skill level is just not upto the job.

I have tried messing about with iptables with no effect.

So please, if anyone can help me I would be very grateful.

Thanks

DoZZa

 

[janosek]

I have been messing about with this for the last 6 hours and I am getting nowhere!

I am really lost here and my skill level is just not upto the job.

I have tried messing about with iptables with no effect.

So please, if anyone can help me I would be very grateful.

Thanks

DoZZa

Your best bet is to selectively route the CCTV and ftp through your ISP. you need to port forward the ports on the router and use iptables to tell the router to send any data through the ISP from those two services

 

[jobongo]

Janosek is right. You will have to selectively route the traffic going from the CCTV and the FTP services over your regular ISP. Try typing in the following in the terminal

ip route add default via [ip of wan gateway] table 10
ip route add [subnet of local lan] table 10
ip route add [any other network that you want to be routed] table 10

ip rule add from [ip address of cctv device] table 10
ip rule add from [ip address of ftp server] table 10
ip route flush cache

Try the previous commands. Inside the brackets are the address of subnets without the brackets. e.g. 192.168.1.0/24

The reason that it is not working is when you connect through the normal wan ip externally and the traffic is being replied to from your router the ip is getting routed over the VPN and changed. When it arrives to your remote router (if it gets that far) or your computer the firewall is blocking it because it is getting traffic from an non-established connection. Make sure as janosek mentioned to have port forwarding setup. This should configure the firewall to allow the connections to the local LAN devices without additional iptables commands. Let me know if this helps.