On one LAN
-
Hi,
At the moment OpenVPN when running is active on all LANs.
How can I make it so that OpenVPN only works on specified LANs and the other LANs access the internet
as normal?Thanks
-
Can anyone please help me with this?
I'm concerned about locking myself out of the box if I mess up.Here is how I have it at the moment…
LAN 1 ---> PC1
LAN 2 ---> OPENVPN (PC2)
LAN 3 ---> PC3
LAN 4 ---> AP WIFISo as it currently stands with how I have OpenVPN configured is like this...
Certificates:
Peer Certificate Authority
Client CertificateOpenVPN:
Interface: WANInterface:
name: openvpn
type: none (default)
rest as default)Firewall rules:
LAN 2
pass
interface: lan2
protocol: any
type: lan 2 subnet
destination: any <---- is it this part that plays an important part?The firewall rules above I have set for all 4 LAN ports with the exception of gateway (as below) which is only set on LAN 2.
gateway: openvpn
But as it stands when I have OpenVPN enabled. All LANs have VPN access. How can I force VPN on one of the LANs?
thanks
-
Check what the system default gateway is. It's in System: Routing:
It looks like it's possibly using the OpenVPN gateway as the default rather than the WAN gateway.Steve
-
Check what the system default gateway is. It's in System: Routing:
It looks like it's possibly using the OpenVPN gateway as the default rather than the WAN gateway.Steve
Hi Steve,
System –-> Routing ---> Gateways = WAN (default).
Details within are...
Interface: WAN
Name: WAN
Gateway: Dynamic
Default Gateway = ticked -
I got it sorted. And I think this is the right way.
Although I never tried this because I thought default was exactly that.So…
Even though System ---> Routing ---> Gateways = WAN shows as default.
If I did not specifically select the gateway in the firewall rule under gateway.
Despite the fact it's set by default to DEFAULT which because of that you'd think it would use
WAN since that's default right?
Well to stop all adapters from using OpenVPN I had to actually specify WAN in the firewall rule under
gateway. -
Ah, good to here. I suspect that the OpenVPN connection is stealing the default gateway when it is brought up. There is an option to allow the default gateway to change but I can't remember where it is off hand. ::) I think it's disabled by default anyway.
More likely is that the VPN adds a default route when it comes up. I think that is a changeable setting also. VPNs are not strong point of mine to be honest. :)
Steve
