I want to set up all devices connected to my LAN to default to being on a VPN, and then selectively exclude some devices that need location in order to work properly, i.e. the Spectrum TV app on a Roku device will not work unless it detects I am on my home network.
I have set up one OpenVPN client with all my devices with IP 192.168.1.0/24 and a second client where I set the excluded devices to WAN. Is this the best way to do this, or can it all be done in one client VPN? I was not able to make one client VPN to work to do this.
I also want to be able to access my desktop (IP 192.168.1.4) on my LAN while out of my house. The desktop computer is also on the VPN. I have tried many ideas from Googling and browsing this forum, but have not come up with anything that works. How does one port forward the RDP port (3389) so RDP will work out of my home?
EDIT: I ended up with an arrangement of IP address assignments and policy rules under the OpenVPN client that achieved what I was looking for.
I set up the DHCP server to only assign IP addresses from 192.168.1.21 to 192.168.1.254 so IP addresses from 192.16.1.2 to 192.168.1.20 were reserved. This gives me several IP addresses (192.168.1.16 to 192.168.1.20) to use for fixed IP addressed devices that will go to the VPN.
I set up the Client VPN for Policy Rules and added the following policy rules:
192.168.1.0/28 WAN
192.168.1.0/24 VPN
I assign devices in the IP range of 192.168.1.2 to 192.168.1.15 that I want to go to the WAN. Devices in the range of 192.168.1.16 to 192.168.1.254 will default to the VPN. This way everything I don't explicitly assign an IP address in the range of 192.168.1.2 to 192.168.1.15 will default to the VPN.
I don't have to specify specific device IP addresses in the policy rules, which can get quite tedious.
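A way to check the addressing plan described in the post before relying on it, as an added example that is not part of the original post: it evaluates the two policy rules against the DHCP pool and reports any dynamically assigned address that would bypass the VPN. It assumes the more specific /28 rule takes precedence over the /24, which matches the outcome the post describes; the function names are hypothetical.

```python
import ipaddress

# Policy rules as listed in the post: (source prefix, egress interface).
RULES = [("192.168.1.0/28", "WAN"), ("192.168.1.0/24", "VPN")]
# DHCP pool from the post; addresses below it are assigned by hand.
DHCP_POOL = ("192.168.1.21", "192.168.1.254")
LAN = "192.168.1.0/24"


def egress(ip, rules=RULES):
    """Interface used by a source IP. Assumption: longest matching prefix wins."""
    addr = ipaddress.ip_address(ip)
    matches = [(ipaddress.ip_network(prefix), iface) for prefix, iface in rules
               if addr in ipaddress.ip_network(prefix)]
    if not matches:
        return None  # no rule covers this source address
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def pool_leaks(pool=DHCP_POOL, rules=RULES):
    """DHCP-assignable addresses that would NOT be routed through the VPN."""
    first, last = (int(ipaddress.ip_address(a)) for a in pool)
    leaks = []
    for n in range(first, last + 1):
        ip = str(ipaddress.ip_address(n))
        if egress(ip, rules) != "VPN":
            leaks.append(ip)
    return leaks


def wan_hosts(lan=LAN, rules=RULES):
    """Every usable host address on the LAN that bypasses the VPN."""
    return [str(h) for h in ipaddress.ip_network(lan).hosts()
            if egress(str(h), rules) == "WAN"]


if __name__ == "__main__":
    hosts = wan_hosts()
    print("WAN (bypass) addresses:", hosts[0], "to", hosts[-1])
    print("Desktop 192.168.1.4 egress:", egress("192.168.1.4"))
    print("Pool addresses bypassing the VPN:", pool_leaks() or "none")
    # Constructed misconfiguration: a pool that overlaps the /28 bypass range.
    print("Overlapping pool leaks:", pool_leaks(("192.168.1.10", "192.168.1.20")))
```

An empty result from `pool_leaks()` means no device that picks up a dynamic lease can end up outside the tunnel; only addresses assigned by hand inside the /28 do.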