YazFi: Guest traffic not routed through VPN


blobe

New Around Here
Hi Guys,

Probably this has been talked about a lot, but I've read half the topics and couldn't find a solution.

What I'm trying to do is set up a VPN ONLY for a guest network (through ProtonVPN). The problem is, if I enable the VPN client, all my traffic flows through the VPN tunnel, not just the guest network traffic.

This is the configuration pushed by the VPN server:

Code:
PUSH: Received control message: '
PUSH_REPLY,
dhcp-option DNS 10.18.0.1,
redirect-gateway def1,
sndbuf 524288,
rcvbuf 524288,
explicit-exit-notify,comp-lzo no,
route-gateway 10.18.0.1,
topology subnet,
ping 10,
ping-restart 6

Figured out that it's probably because of the 'redirect-gateway def1' being pushed, which I can filter with:
Code:
pull-filter ignore "redirect-gateway"

Which seems to do the work according to the log:
Code:
Pushed option removed by filter: 'redirect-gateway def1'

Now my main traffic is not routed through the VPN tunnel. But neither is my guest network traffic, and this is where I'm stuck right now.

This is my YazFi configuration:
Code:
wl01_ENABLED=true
wl01_IPADDR=192.168.2.0
wl01_DHCPSTART=2
wl01_DHCPEND=254
wl01_DNS1=192.168.1.1
wl01_DNS2=192.168.1.1
wl01_FORCEDNS=true
wl01_REDIRECTALLTOVPN=true
wl01_VPNCLIENTNUMBER=1
wl01_TWOWAYTOGUEST=false
wl01_ONEWAYTOGUEST=true
wl01_CLIENTISOLATION=false

This is the default client-side configuration provided by ProtonVPN (except for the pull-filter ignore, which I added):
Code:
remote-random
resolv-retry infinite
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
remote-cert-tls server
pull
pull-filter ignore "redirect-gateway"
fast-io

I can only assume that the OpenVPN configuration has issues.

I'm using Merlin 384.18 and YazFi v4.1.4 on an RT-N18U.

Any help is appreciated, I've spent a few afternoons trying to fix this. :)
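The effect of the pull-filter line on the pushed options quoted in the post above, as an added example that is not part of the original thread or of YazFi/OpenVPN code. The function names are hypothetical, and the sketch models only the prefix matching and first-match-wins behaviour of `pull-filter`, treating `reject` the same as `ignore`.

```python
# Added example: models how OpenVPN's pull-filter treats a PUSH_REPLY.
# Option text is taken from the post; all function names are hypothetical.
PUSH_REPLY = ("PUSH_REPLY,dhcp-option DNS 10.18.0.1,redirect-gateway def1,"
              "sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,"
              "route-gateway 10.18.0.1,topology subnet,ping 10,ping-restart 6")

CLIENT_CONFIG = 'pull\npull-filter ignore "redirect-gateway"\nfast-io\n'

# Pushed options that make the client install routes on its own.
# "route-gateway" is deliberately absent: it only names the gateway.
ROUTE_OPTIONS = ("redirect-gateway", "redirect-private", "route ", "route-ipv6 ")


def parse_filters(client_config):
    """Collect (action, text) pairs from pull-filter lines, in file order."""
    filters = []
    for line in client_config.splitlines():
        parts = line.strip().split(None, 2)
        if len(parts) == 3 and parts[0] == "pull-filter":
            filters.append((parts[1], parts[2].strip().strip('"')))
    return filters


def apply_pull_filters(push_reply, filters):
    """Split pushed options into (kept, dropped).

    Each option is compared against the filter text as a prefix and the
    first matching filter decides; unmatched options are accepted.
    """
    kept, dropped = [], []
    options = [o.strip() for o in push_reply.split(",") if o.strip()]
    for opt in options[1:]:  # options[0] is the PUSH_REPLY marker
        action = next((a for a, text in filters if opt.startswith(text)), "accept")
        (kept if action == "accept" else dropped).append(opt)
    return kept, dropped


def installs_routes(kept):
    """True if any surviving option would add routes through the tunnel."""
    return any(opt.startswith(ROUTE_OPTIONS) for opt in kept)


if __name__ == "__main__":
    kept, dropped = apply_pull_filters(PUSH_REPLY, parse_filters(CLIENT_CONFIG))
    print("dropped:", dropped)
    print("kept:   ", kept)
    print("server-pushed routes remain:", installs_routes(kept))
```

With the filter in place no pushed option installs a route, so nothing, including the guest subnet, is sent into the tunnel unless the router adds its own routing rules for it.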
 

Jack Yaz

Part of the Furniture
Have you actually set "Redirect Internet traffic" in the VPN client to policy rules?
 
