Hey I'm new - go easy on me!
I've got an RT-AC86U running Merlin 384.18. It is connected to NordVPN via OpenVPN with strict policy rules making it so my whole network goes through the VPN - sorta... And therein lies the problem.
My main network is 192.168.1.0/24 and everything in that network works great and goes over the VPN (except a few devices that can't go over VPN for incoming port forwarding purposes). I have a policy rule directing 192.168.1.0/24 through the VPN then exception IP addresses pointed through the WAN.
I'm trying to segment my network to secure my network from some IoT devices.
I have a Linksys Velop system (which is garbage but alas I've got it) providing Wi-Fi to my house and recently switched from bridged to routed mode. The Velop internal network is 10.150.1.0/24 and the internet is actually plugged into my main network. I put the static routing rules in place to let it communicate with my whole network - it works great and it has internet access.
The problem is that if I direct Merlin to direct the Velop network (10.150.1.0) to use the VPN it can't - it loses all internet connectivity. If I remove the rule directing the device IP to VPN (and thus back out the WAN interface) - everything is fine again though the traffic isn't going out via VPN.
BTW, I also tried resubnetting 10.150.1.0/24 to 192.168.2.0/24 with the same results.
So my question is, is this even supported? Can I have an internally routed network access the Internet through a VPN connection with Merlin?
Help?