Menu
What's new
By:
Filters Better Search

ASUS RT-AC68, rmerlin, and TorGuard

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

D

DaemonOfChaos

New Around Here
I have an ASUS RT-AC68 running rmerlin's firmware. I also have a TorGuard VPN account and have created a connection to TorGuard using the OpenVPN client.

Is it possible to send traffic to particular sites / IPs (e.g. Netflix, Hulu, my banks, and a few others) not through the VPN but through the "regular" or direct internet connection? Nothing in the admin interface is catching my eye for configuring that.
 
TheNewNormal said:
Not sure (some smart cookie around here will know) but this is the method I intend trying when I have time:

http://www.snbforums.com/threads/ho...nd-ssid-for-regular-isp-using-merlinwrt.9839/

EDIT

This looks like what you're after:

http://www.snbforums.com/threads/openvpn-policy-routing-guide.24384/
Click to expand...
The first link appears to only work for wireless connections while I have some wired connections that also need to be handled.

The 2nd link looks spot on and I will give it a try. Thank you for the assist!
 
DaemonOfChaos said:
I have an ASUS RT-AC68 running rmerlin's firmware. I also have a TorGuard VPN account and have created a connection to TorGuard using the OpenVPN client.

Is it possible to send traffic to particular sites / IPs (e.g. Netflix, Hulu, my banks, and a few others) not through the VPN but through the "regular" or direct internet connection? Nothing in the admin interface is catching my eye for configuring that.
Click to expand...


Here is an example:
Code: 
#!/bin/sh
/usr/bin/logger -t START_$(basename $0) "started [$@]"
touch /tmp/000vpn_route_up.ran
logger -t "($(basename $0))" $$ "Starting custom vpn_route_up.sh"
echo "($(basename $0))" $$ "Starting vpn_route_up.sh"


ip route flush table 10
ip rule del table 10
ip rule del fwmark 10 table 10
ip route flush table 12
ip rule del table 12
ip rule del fwmark 12 table 12
ip route flush cache
iptables -t mangle -F PREROUTING

echo "($(basename $0))" $$ "RTNETLINK errors are from deleting tables that don't exist yet and can be ignored."
# NOTE: Here I assume the OpenVPN tunnel is named "tun11".
tun_if="tun11"
tun_ip=$(ifconfig $tun_if | grep 'inet addr:'| cut -d: -f2 | awk '{ print $1}')

logger -t "($(basename $0))" $$ "CMD: ip route add default via $tun_ip dev $tun_if table 10"
logger -t "($(basename $0))" $$ "CMD: ip route add default via $(nvram get wan_gateway) dev eth0 table 12"

ip route add default via $tun_ip dev $tun_if table 10
ip rule add fwmark 10 table 10
ip route add default via $(nvram get wan0_gateway) dev eth0 table 12
ip rule add fwmark 12 table 12
echo 0 > /proc/sys/net/ipv4/conf/$tun_if/rp_filter

#
# Define the routing policies for the traffic. The rules will be applied in the order that they
# are listed. In the end, packets with MARK set to "10" will pass through the VPN. If MARK is set
# to "12" it will bypass the VPN.

# By default all traffic goes via the VPN
iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 10



#examples
logger -t  $(basename $0) "Websites that need to go via ISP (Vpn bypass)"
# iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range website-ip-address-here -j MARK --set-mark 12
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 91.189.94.12 -j MARK --set-mark 12 # http://ubuntuforums.org/
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 155.136.80.216 -j MARK --set-mark 12 # http://www.natwestinternational.com


/usr/bin/logger -t STOP_$(basename $0) "return code $?"
exit
create a script and name it vpn_route_up.sh and save it to /jffs/scripts/.
Set permission to 755
add the following to the vpn client Custom Configuration box and press apply.
script-security 2
route-up /jffs/scripts/vpn_route_up.sh


to add particular sites / IPs (e.g. Netflix, Hulu, my banks, and a few others) you need to find out their Ip addresses in order to add them to the script.
see my example at the end of the scrip.

 
You must log in or register to reply here.

Similar threads

T
VPN Fusion: Select by target IP, not client device
Replies
4
Views
361
RMerlin
RMerlin
Daniel LaRusso
Diversion Diversion not working w/VPN Director/Merlin 3004.388.4/Asus RT-AX88U/Wireguard
Replies
3
Views
2K
ZebMcKayhan
Z
M
Problem with NTP and latest release RT-AC5300
Replies
0
Views
182
markbng
M
M
T-Mobile ASUS TM-AC1900 (RT-AC68U variant) gets WAN IP and can ping Internet but connected WiFi clients indicate no Internet?
Replies
7
Views
2K
Maximum-Split-7860
M
G
AiMesh problems with ASUS RT-AC86U Firmware version 3.0.0.4.386_51925 and ASUS RT-AC66U B1 Firmware version 3.0.0.4.386_51685
Replies
3
Views
1K
galapogos01
G
Similar threads
Thread starter Title Forum Replies Date
O Asus Mesh over Managed switches (VLAN issue) ASUS Wi-Fi 13
Armand28 BIG issue with ASUS routers killing network with upload flood ASUS Wi-Fi 10
N ASUs router per device whitelist ASUS Wi-Fi 0
J Asus router reboots same time each night ASUS Wi-Fi 1
G ASUS configuration for dummies ASUS Wi-Fi 2
I Purchase Advice - Asus / Non-Asus Replacment ASUS Wi-Fi 16
B Can't connect Widows 10 machine to ASUS RT-AX58U using IPSec ASUS Wi-Fi 2
hadesflames Asus Routers Announcement to Release? ASUS Wi-Fi 5
T ASUS Aimesh Ethernet backhaul ASUS Wi-Fi 9
F Bought asus rt-ax86u pro router ASUS Wi-Fi 4

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 723 (members: 14, guests: 709)
Top