Problem, Dedicate SSID for VPN and SSID for Regular ISP using OpenVPN.

[th3on3]

Hi

I got a problem with dedicating SSID for VPN and one for regular ISP.

I have followed this guide without success:
How to setup SSID for VPN and SSID for Regular ISP using OpenVPN
https://github.com/RMerl/asuswrt-merlin/wiki/How-to-setup-SSID-for-VPN-and-SSID-for-Regular-ISP-using-OpenVPN.

VPN is connected and the script is on, but all interface is routed to VPN server. I cant dedicate only interface wl0.1 to for VPN.

Anyone?

 

[Martineau]

Did you include the OpenVPN directive

  route-nopull

in the Custom VPN panel before you started the VPN?, otherwise you need to uncomment the line in the script to remove the default route.

If this doesn't help then post the output of

ip rule
ip route show table  10
ifconfig

I use a similar technique in my scripts, but chose to edit

 /jffs/configs/dnsmasq.conf.add

to define which Guest SSID(s) may be eligible to be forced to use either of the VPNs

     # 2.4GHz Guest #3 via VPN uses DHCP pool xxx.xxx.243.2 - xxx.xxx.243.20
     interface=wl0.3
     dhcp-range=wl0.3,xxx.xxx.243.2,xxx.xxx.243.20,255.255.255.0,21600s
     dhcp-option=wl0.3,3,xxx.xxx.243.1

     # 5Ghz Guest #3 via VPN uses DHCP pool xxx.xxx.53.2 - 10.88.53.20
     interface=wl1.3
     dhcp-range=wl1.3,xxx.xxx.53.2,10.88.53.20,255.255.255.0,21600s
     dhcp-option=wl1.3,3,xxx.xxx.53.1

So when I start a VPN client, /etc/nsmasq.conf is read by my VPN_Select.sh script to allow me to dnamically have say the 2.4GHz Guest SSID #3 use VPN Client 1 and 5GHz Guest #3 use VPN Client 2 whilst having say the PS3 also use either of the VPNs...as per my log:

Feb  4 14:15:06 openvpn[25280]: /usr/sbin/ip link set dev tun11 up mtu 1500
Feb  4 14:15:06 openvpn[25280]: /usr/sbin/ip addr add dev tun11 vvv.vvv.vvv.vvv/22 broadcast bbb.bbb.bbb.bbb
Feb  4 14:15:06 (VPN_Select.sh): 25290 OpenVPN Client1 Selective routing starting....  /jffs/scripts/VPN_Select.sh wl1.3
Feb  4 14:15:07 (VPN_Select.sh): 25290 CMD: ip route add default via vvv.vvv.vvv.vvv dev tun11 table 100
Feb  4 14:15:07 (VPN_Select.sh): 25290 CMD: ip rule add fwmark 1 table 100
Feb  4 14:15:07 (VPN_Select.sh): 25290 SSID AbcdefghVPN53 is being configured to use OpenVPN Client1.....
Feb  4 14:15:07 (VPN_Select.sh): 25290      Lookup 'wl1.3' in DNSMASQ returned:>xxx.xxx.53.1< and Subnet Prefix >xxx.xxx.53<
Feb  4 14:15:07 (VPN_Select.sh): 25290      CMD: ip rule add dev wl1.3 table 100
Feb  4 14:15:07 (VPN_Select.sh): 25290 SSID AbcdefghVPN53 is configured to use OpenVPN Client1.
Feb  4 14:15:07 (VPN_Select.sh): 25290 CMD: ip rule
Feb  4 14:15:07 (VPN_Select.sh): 25290      0:	from all lookup local  32764:	from all iif wl1.3 lookup 100  32765:	from all fwmark 0x1 lookup 100  32766:	from all lookup main  32767:	from all lookup default 
Feb  4 14:15:07 (VPN_Select.sh): 25290 CMD: ip route show table 100
Feb  4 14:15:07 (VPN_Select.sh): 25290      default via vvv.vvv.vvv.vvv dev tun11 
Feb  4 14:15:07 (VPN_Select_ON_OFF.sh): 25348 VPN Selective routing for [PS3-Bedroom ON FORCE]
Feb  4 14:15:07 (VPN_Select_ON_OFF.sh): 25348 Lookup 'PS3-BEDROOM' in DNSMASQ returned:>xxx.xxx.8.142<
Feb  4 14:15:07 (VPN_Select_ON_OFF.sh): 25348 VPN Selective routing for xxx.xxx.8.142 set MARK=1 (ON) comments
Feb  4 14:15:07 (VPN_Select_ON_OFF.sh): 25348 VPN Selective routing for xxx.xxx.8.142 WAN access blocked
Feb  4 14:15:07 (IPTablesDump.sh): 25394 Started [VPN_Client_xxx.xxx.8.142-ON]
Feb  4 14:15:08 (IPTablesDump.sh): 25394 Complete - dumped to /tmp/mnt/RT-AC56U/IPtables-rules_VPN_Client_xxx.xxx.8.142-ON.txt
Feb  4 14:15:08 (IPTablesDump.sh): 25471 Started [VPN_Client_Select1]
Feb  4 14:15:08 (IPTablesDump.sh): 25471 Complete - dumped to /tmp/mnt/RT-AC56U/IPtables-rules_VPN_Client_Select1.txt
Feb  4 14:15:08 (VPN_Select.sh): 25290 OpenVPN Client1 Selective routing completed....
Feb  4 14:15:08 openvpn[25280]: Initialization Sequence Completed