Menu
What's new
By:
Filters Better Search

VPN Kill switch for one specific host

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

E

evangelion69

New Around Here
Hello

I`m looking for solution of my problem. I have enabled open vpn client with Policy Rules in Redirect Internet Traffic. My rules are only Destination IPs because i don't`wont to redirect all traffic from one of my computers. When VPN is down, I want to stop internet connection to this host at all. Something like:

#WAN_IF=`nvram get wan_iface`
#iptables -I FORWARD -i br0 -s 192.168.1.13 -o $WAN_IF -j REJECT --reject-with icmp-host-prohibited
#iptables -I FORWARD -i br0 -s 192.168.1.13 -p tcp -o $WAN_IF -j REJECT --reject-with tcp-reset
#iptables -I FORWARD -i br0 -s 192.168.1.13 -p udp -o $WAN_IF -j REJECT --reject-with udp-reset

#iptables -I FORWARD -i br0 -s 192.168.1.13 -o `nvram get wan_iface` -j DROP

How to do it in Asus WRT?
 
evangelion69 said:
I have enabled open vpn client with Policy Rules in Redirect Internet Traffic. When VPN is down, I want to stop internet connection to this host at all. Something like:

iptables -I FORWARD -i br0 -s 192.168.1.13 -o `nvram get wan_iface` -j DROP
Click to expand...

If the GUI option isn't appropriate

upload_2018-3-26_10-21-36.png


then unless you are using a PPoE WAN interface, change

Code: 
iptables -I FORWARD -i br0 -s 192.168.1.13 -o `nvram get wan_iface` -j DROP
to
Code: 
iptables -I FORWARD -i br0 -s 192.168.1.13 -o $(nvram get wan0_ifname) -j DROP
 
Last edited:
You must log in or register to reply here.

Similar threads

R
Script to detect backup wan and disable certain devices from internet access
Replies
0
Views
363
RandomUser777
R
PaulA
Port isolation on RT-AX88U-Pro (router) w/ Merlin w/ Tagged internet ISP
Replies
1
Views
426
PaulA
PaulA
M
AdGuardHome IPTables blocking TLS port 853 from other hosts
Replies
3
Views
330
dave14305
dave14305
R
One router, two segments desired.
Replies
4
Views
450
Rombo
R
Nick B
Allowing Incoming WAN Connections for WireGuard Client Listed in Director
Replies
7
Views
1K
arkywein
A
Similar threads
Thread starter Title Forum Replies Date
J SSH to disable VPN (or VPN kill switch) Asuswrt-Merlin 11
Z Accessing VPN Clients on Router thru Mobile Phone Asuswrt-Merlin 1
C VPN doing a lot of unrecognized options without them even being in the config IPV6 issue Asuswrt-Merlin 3
Db Major RT-AX88U VPN Server "Others" Page Bug Asuswrt-Merlin 4
A Proper use of VPN director Asuswrt-Merlin 6
L IPSec VPN Server with VNC connection causes ASUS RT-AC3100 to Reboot Asuswrt-Merlin 0
G Need help with VPN Asuswrt-Merlin 2
T Wireguard VPN Disable IPV6 Asuswrt-Merlin 0
O Assigned IP address to the WAN interface via VPN director: no internet connection - why? Asuswrt-Merlin 1
A Asus Merlin 388.6_2 VPN-Director Asuswrt-Merlin 5

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 802 (members: 27, guests: 775)
Top