Menu
What's new
By:
Filters Better Search

VPN setup and forwarding RDP port through OpenVPN Client

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Martineau said:
Well either the Selective fwmark port 465 tagging never works?, or if it does indeed (though suddenly cease to) correctly force emails out via the WAN, then you should provide detailed diagnostics to fully substantiate what you mean by "seems to get lost"
Click to expand...

The Solution seems to be some delays.
#!/bin/sh

sleep 2

ip rule del fwmark 0x7000/0x7000 2> /dev/null
ip rule add fwmark 0x7000/0x7000 table 254 prio 9990
ip route flush cache

sleep 2

# Route secure email port to WAN and not VPN.
iptables -t mangle -D PREROUTING -i br0 -p tcp -m multiport --dport 465 -j MARK --set-mark 0x7000/0x7000 2> /dev/null
iptables -t mangle -A PREROUTING -i br0 -p tcp -m multiport --dport 465 -j MARK --set-mark 0x7000/0x7000

# Route RDP port through VPN tunnel
iptables -t mangle -D PREROUTING -i br0 --src 192.168.1.16 -p udp -m multiport --sport 3389 -j MARK --set-mark 0x7000/0x7000 2> /dev/null
iptables -t mangle -D PREROUTING -i br0 --src 192.168.1.16 -p tcp -m multiport --sport 3389 -j MARK --set-mark 0x7000/0x7000 2> /dev/null
iptables -t mangle -A PREROUTING -i br0 --src 192.168.1.16 -p udp -m multiport --sport 3389 -j MARK --set-mark 0x7000/0x7000
iptables -t mangle -A PREROUTING -i br0 --src 192.168.1.16 -p tcp -m multiport --sport 3389 -j MARK --set-mark 0x7000/0x7000
 
dlandon said:
The Solution seems to be some delays.
Click to expand...

I suspect that you could use a single 4 second delay at the start of the script rather two discrete 2 second delays, but not sure why the delay(s) are explicitly necessary in your environment - although having checked my nat-start script it does trundle through performing other junk before it adds my custom fwmark tagging stuff.:rolleyes:
dlandon said:
Code: 
# Route RDP port through VPN tunnel
Click to expand...
P.S. Shouldn't the above be
Code: 
# Route RDP port through WAN
;)
 
Martineau said:
I suspect that you could use a single 4 second delay at the start of the script rather two discrete 2 second delays, but not sure why the delay(s) are explicitly necessary in your environment - although having checked my nat-start script it does trundle through performing other junk before it adds my custom fwmark tagging stuff.:rolleyes:

P.S. Shouldn't the above be
Code: 
# Route RDP port through WAN
;)
Click to expand...

Yep.
 
You must log in or register to reply here.

Similar threads

B
Firewall lan - vpn?
Replies
0
Views
279
blast
B
D
How to restrict VPN network access to certain IP Range or Hosts for specific VPN client
Replies
8
Views
508
ZebMcKayhan
Z
G
VPN Client with Public IP, split tunnel web server over VPN and other traffic not on the VPN
Replies
4
Views
408
Grefyne
G
J
Correctly using VPN Director?
Replies
2
Views
568
jetpack42
J
J
Reverse internet access through Asus-Merlin OpenVPN client.
Replies
0
Views
450
Johnco2
J
Similar threads
Thread starter Title Forum Replies Date
Preskitt.man setup ac68U as bridge to eero network for vpn support Asuswrt-Merlin 18
G VPN client setup - VPN Director option not listed for redirect internet traffic Asuswrt-Merlin 1
G Need help with VPN Asuswrt-Merlin 2
T Wireguard VPN Disable IPV6 Asuswrt-Merlin 0
O Assigned IP address to the WAN interface via VPN director: no internet connection - why? Asuswrt-Merlin 1
A Asus Merlin 388.6_2 VPN-Director Asuswrt-Merlin 5
M VPN FUSION & VPN DIRECTOR Merlin Firmware Asuswrt-Merlin 34
B VPN + Diversion Asuswrt-Merlin 5
S VPN director and LAN traffic Asuswrt-Merlin 2
B Firewall lan - vpn? Asuswrt-Merlin 0

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 883 (members: 18, guests: 865)
Top