x3mRouting x3mRouting failed to configure based on VPN client routing

  • ATTENTION! You'll notice a Prefix dropdown when you create a thread. If your post applies to one of the topics listed, please use that Prefix for your post. When browsing the thread list you can use the Prefix to filter the view.
  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

worf

Occasional Visitor
Hi, guys.

First, I restored to factory default.

Configure vpn in web ui

relaxed: Accept DNS Configuration
Policy Rules (strict) :"Force Internet traffic through tunnel

step:
1、Test VPN without using x3mRouting
The result is that all traffic is a broadband interface
Code:
traceroute to www.baidu.com (14.215.177.38), 30 hops max, 38 byte packets
 1  10.0.0.1 (10.0.0.1)  0.301 ms  0.230 ms  0.207 ms
 2  100.64.0.1 (100.64.0.1)  2.409 ms  2.758 ms  2.779 ms
 3  182.150.190.221 (182.150.190.221)  3.606 ms  3.728 ms  3.522 ms
 4  171.208.199.65 (171.208.199.65)  3.760 ms  171.208.199.213 (171.208.199.213)  3.975 ms  61.139.121.41 (61.139.121.41)  3.541 ms
 5  202.97.29.21 (202.97.29.21)  30.634 ms  202.97.96.34 (202.97.96.34)  38.512 ms  202.97.29.17 (202.97.29.17)  30.351 ms
 6  113.96.5.82 (113.96.5.82)  40.200 ms  113.96.5.126 (113.96.5.126)  37.439 ms^C

2、The test uses x3mRouting Policy routing.

run command
Code:
x3mRouting ALL 1 TEST aws_region=US

The ip test result used in the applet is still broadband output

Code:
13.34.31.128/27
52.93.178.143
44.192.0.0/11
52.93.60.0/24
52.93.50.150/31
99.77.151.0/24
54.190.198.32/28
52.93.50.174/31
52.144.194.192/26
54.210.0.0/15
15.230.39.70/31
44.242.161.20/30
52.93.50.164/31


num pkts bytes target prot opt in out source destination


1 0 0 MARK all -- br0 * 0.0.0.0/0 0.0.0.0/0 match-set TEST dst MARK or 0x1000



[email protected]:/tmp/home/root# ip rule


0: from all lookup local


9995: from all fwmark 0x1000/0x1000 lookup ovpnc1


32766: from all lookup main


32767: from all lookup default


What should I do to use it correctly?
 

Xentrk

Part of the Furniture
Amazon US traffic is not traversing thru the iptables rule.

Please try this...go into the policy routing section of the OpenVPN Screen and add an entry for your router IP address and route to the WAN interface. Then, create a DummyVPN1 entry and route to the WAN.

1610948536611.png


What website are you accessing to test?

Test 1
Test is to route a website thru the VPN tunnel:

x3mRouting ALL 1 WIP dnsmasq=whatismyipaddress.com

Then, go to the website. It should report the ip address of your VPN.

Test 2

Go to the OpenVPN screen and add an entry to route your laptop to the VPN. Then, go to whatismyip.com. It should report the IP address of the VPN. Next, create a vpn bypass rule for the website.

x3mRouting 1 0 WIMYP dnsmasq=whatismyip.com

You may have to clear broswer cache for this to work or open a tab in a different browser. Then, go to whatismyip.com. It should report your WAN ip address.
 
Last edited:

worf

Occasional Visitor
Amazon US traffic is not traversing thru the iptables rule.

Please try this...go into the policy routing section of the OpenVPN Screen and add an entry for your router IP address and route to the WAN interface. Then, create a DummyVPN1 entry and route to the WAN.

View attachment 29628

What website are you accessing to test?

Test 1
Test is to route a website thru the VPN tunnel:

x3mRouting ALL 1 WIP dnsmasq=whatismyipaddresss.com

Then, go to the website. It should report the ip address of your VPN.

Test 2

Go to the OpenVPN screen and add an entry to route your laptop to the VPN. Then, go to whatismyip.com. It should report the IP address of the VPN. Next, create a vpn bypass rule for the website.

x3mRouting 1 0 WIMYP dnsmasq=whatismyip.com

You may have to clear broswer cache for this to work or open a tab in a different browser. Then, go to whatismyip.com. It should report your WAN ip address.

Thanks Xentrk.

I want to test the first method "Test 1".
I must add two policy routing . One route IP to wan interface,eg. my lan IP 192.168.50.0/24 to wan. and add Dummy ip to vpn . eg. 172.16.0.1 to vpn

Then run the command
"x3mRouting ALL 1 WIP dnsmasq=whatismyipaddresss.com", correct?
 

worf

Occasional Visitor
Failure. I've never been able to configure it correctly

3C109511-7544-4424-8C76-D5A2BB51A9E7.jpg


488233B5-F0D1-4182-B1EC-BFBA355D2633.jpg


Code:
x3mRouting 1 0 WIP dnsmasq=baidu.com,qq.com,sogou.com
Code:
x3mRouting 1 0 WICN dir=/tmp/mnt/vpn/RT-AC86U/vpn

1610988774111.png


1610989713761.png
 
Last edited:

Xentrk

Part of the Furniture
Thanks Xentrk.

I want to test the first method "Test 1".
I must add two policy routing . One route IP to wan interface,eg. my lan IP 192.168.50.0/24 to wan. and add Dummy ip to vpn . eg. 172.16.0.1 to vpn

Then run the command
"x3mRouting ALL 1 WIP dnsmasq=whatismyipaddresss.com", correct?
Let's take a step back and clarify your requirement. Do you want to route all of your LAN traffic to the VPN and bypass certain sites like Baidu? In the first example, you were not routing any LAN clients to VPN Client 1. But then you were creating a rule to bypass VPN client 1 for Amazon. So that confused me. Then, in a later example, you were creating rules to route certain websites to the VPN.

I wanted you to route the Router IP address 192.168.50.1 to the WAN. Not the entire LAN (e.g. 192.168.50.0/24). Unless that is what you want to do. I just wanted to see an entry in RPDB for VPN Client 1 to help in the troubleshooting.

Examples:

 
Last edited:

Xentrk

Part of the Furniture
Failure. I've never been able to configure it correctly

View attachment 29648

View attachment 29649

Code:
x3mRouting 1 0 WIP dnsmasq=baidu.com,qq.com,sogou.com
Code:
x3mRouting 1 0 WICN dir=/tmp/mnt/vpn/RT-AC86U/vpn

View attachment 29650

View attachment 29651
Please do the test 1 and test 2 as I outlined in my post above rather than changing the websites. It will prove if the rules are working correctly.

Test 1
Test is to route a website thru the VPN tunnel:

x3mRouting ALL 1 WIP dnsmasq=whatismyipaddress.com

Then, go to the website. It should report the ip address of your VPN.

Test 2
Go to the OpenVPN screen and add an entry to route your laptop to the VPN. Then, go to whatismyip.com. It should report the IP address of the VPN. Next, create a vpn bypass rule for the website.

x3mRouting 1 0 WIMYP dnsmasq=whatismyip.com

You may have to clear browser cache for this to work or open a tab in a different browser. Then, go to whatismyip.com. It should report your WAN ip address.
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top