Is this possible? 1 Internet connection, 2 networks, 2 gateways (default and VPN)

rottonpeech · Mar 23, 2020, 8:42 AM

@Bob-Dig said in Is this possible? 1 Internet connection, 2 networks, 2 gateways (default and VPN):

If it was not or is not connected, then traffic would go automatically out to WAN. For this to stop you have to tag that traffic and then block it with a special floating-rule.

Sorry, if im kinda newbish, but how would i go about this?

Bob.Dig · Mar 23, 2020, 8:47 AM

@rottonpeech said in Is this possible? 1 Internet connection, 2 networks, 2 gateways (default and VPN):

Sorry, if im kinda newbish, but how would i go about this?

You won't. You would first setup a working VPN-Client.

rottonpeech · Mar 23, 2020, 10:57 AM

yes. i figured out what you meant, and i also found a few other things that did some magic (like not making a change, but re-saving and committing all my interfaces)

Now I see that all the interfaces are up, and the Client is up... but still cannot route across the VPN client.

Here is a pic if it helps at all

P.S. i also have a open VPN site-to-site that is working, where i am hosting the server side. ![alt text](image url)

Bob.Dig · Mar 23, 2020, 11:01 AM

Please show what you got under
FirewallNATOutbound

Maybe you should do a much simpler setup in the beginning for testing with WAN, LAN, VPN-Client only.

rottonpeech · Mar 23, 2020, 11:01 AM

here are a few other screens

Bob.Dig · Mar 23, 2020, 11:09 AM

@rottonpeech Firewall NATO utbound still missing.

rottonpeech · Mar 23, 2020, 11:07 AM

missed a few

ok, i think thats about all of them

rottonpeech · Mar 23, 2020, 11:09 AM

@Bob-Dig - Sorry, here it is

Bob.Dig · Mar 23, 2020, 11:10 AM

@rottonpeech And there is your problem. Your VPN Client Setup isn't complete. It was never working in the beginning.

rottonpeech · Mar 23, 2020, 11:13 AM

@Bob-Dig
okay, im sorry.. what am i missing? its 4am here and i think my eyes are about to bleed from looking at this stuff so much today. :-\

would you be so kind as to outline what im missing?

/beg

Bob.Dig · Mar 23, 2020, 11:18 AM

@rottonpeech For every subnet you want to be able to use the VPN-client, you need something like this:

rottonpeech · Mar 23, 2020, 11:19 AM

@Bob-Dig Well, I'll be a monkeys uncle... or maybe the monkey... definately the goofball who screwed it up.. You are AWESOME!

thank you very much for that!

Bob.Dig · Mar 23, 2020, 11:22 AM

@rottonpeech And the wan rule there in your picture, I don't think it is needed, although I am not sure.
Once your vpn client is working, it is easy like described in my first post.