Solved

DD-WRT v24SP2-MULTI - Atheros - How to setup OpenVPN for WLAN virtual interface

Posted on 2014-03-01
6
1,200 Views
Last Modified: 2014-03-02
Hello, I have an Atheros chip Buffalo brand router running DD-WRT. I have setup 2 wifi signals (the regular and a virtual interface). I have also configured the router to use OpenVPN using StrongVPN as the provider.

Now, how do I get devices connected to the virtual or the regular wifi interface to be routed thru the VPN, while the other wifi signal to be router thru my regular ISP.

I have attached some pictures of the wifi and the OpenVPN setup with identifying information removed. Thanks for the help, this problem has been bugging me for weeks now.
wifi-setup.jpg
OpenVPNsetup.jpg
0
Comment
Question by:confusednewbie
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 78

Expert Comment

by:arnold
ID: 39898246
You would need to VLAN the wifi, then you would need to update the iptables manually to reroute the WIFI IP range via a different path.

note that you should take care to establish a non-vpn route in the event it drops.
0
 

Author Comment

by:confusednewbie
ID: 39898603
thanks, coyld you provide a step by step on how to do this on the dd-wrt interface? like what sections and examples of what to input?
0
 
LVL 78

Expert Comment

by:arnold
ID: 39898616
I am not sure you can achieve the setup you want using the dd-wrt interface.

Policy based routing is a ...

The distinction you are setting
wired connection go out the internet VLAN1
wifi1 connected go out the internet VLAN1
wifi2 connected send all via OpenVPN VLAN2


you may have to use an ssh client to connect to buffalo and use/setup the iptables rules to route........


Ref article VLAN setup dd-wrt example.
http://www.experts-exchange.com/Hardware/Networking_Hardware/Routers/A_10851-DD-WRT-separate-LAN-from-WLAN-on-WRT160NL-linksys-router.html
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:confusednewbie
ID: 39898627
thanks. I tried that and waa always stuck in how to allow openvpn in just vlan2. any commands available? that is the main part I have been stuck with (after following the guide here http://www.dd-wrt.com/wiki/index.php/Separate_LAN_and_WLAN)
0
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 39898759
That is the difficult part you have to use iptables SNAT on the way out to match the IP range from the VLAN2 wifi and alter the source IP such that the response will flow back through the VPN rather than sent via the Internet on the other side.

The dd-wrt version on your setup is likely customized by Buffalo.

Have you configured the VLAN of the second wifi and tagged
use
iptables -t nat -L
iptables -t filter -L


When you define the openVPN site to site. you lest the IPs in the policy based routing section that will have the WIFI2 LAN/tagged sent out to 0.0.0.0 via the tunnel.
A discussion that deals with iptables and inter vlan rules.

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=431294

your need deals with inter-location routing
0
 

Author Closing Comment

by:confusednewbie
ID: 39899030
Excellent answer, this pointed me on the right direction. Thanks.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question