VPN Director Question

sirzur

Occasional Visitor
In the VPN director page, is it possible to add a rule to direct access to a domain to WAN?

The reason why I am attempting that is to allow Voice over Wifi (VoWifi) to work together with VPN. I have discovered that in order for VoWifi to work on a phone which is directed through VPN, I need to make sure that traffic to the VoWifi DNS host is going through the WAN. In my situation, for the carrier that I am with, the DNS host is epdg.epc.mnc001.mcc505.pub.3gppnetwork.org and also epdg.epc.mnc071.mcc505.pub.3gppnetwork.org. I have used the nslookup website and determined the IP addresses of the two DNS hosts (which have 4 IP addresses for each URL, i.e. a total of 8). So I was wondering whether there is any way to enter the URL rather than the IP address in VPN Director. Or even with a wildcard like *.pub.3gppnetwork.org rather than an IP address.

Here is a screenshot of my VPN Director rule showing the 8 IP addresses:
[Screenshot: VPN Director Rule - VoWifi.jpg]
 
Use of a domain name won't work because the underlying mechanism for such routing is based on ip rules, which do NOT take a domain name.

Code:
ip rule add to 149.135.224.26 table main

I suppose it's possible to write your own script to update the VPN Director by resolving those domain names and adding the ip rules yourself, perhaps w/ each reboot or update of the firewall. It can still be a bit tricky since you have to ensure proper placement/priority within the list of existing ip rules in order to maintain proper precedence.

BTW, in a case like this, it's often simpler and usually safe to treat these resolved domains as class C domains.

Code:
149.135.224.0/24
149.135.226.0/24
149.135.232.0/24
149.135.233.0/24
101.168.246.0/24

Not a huge difference in this particular case, but can sometimes dramatically reduce the number of rules.

Frankly, I would recommend NOT routing the VOIP adapter through the VPN in the first place, thus you could base the rule on the single source IP of the VOIP adapter. I don't like having VOIP on the VPN for this and other reasons (e.g., I don't want to risk dropped calls since a VPN is typically less reliable than your ISP connection).
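
The script idea from the reply above, sketched as an added example that is not part of the original thread: it resolves the two ePDG hostnames, collapses the answers to /24 networks, and prints the matching ip rule commands for review. The function names, the PRIO value of 100, and the sample nslookup output are assumptions made for this example; check `ip rule show` on your router before picking a priority.

```shell
# Added example: build "ip rule" commands for the carrier's ePDG hosts.
# Prints commands only; review them, then pipe the output to sh to apply.
HOSTS="epdg.epc.mnc001.mcc505.pub.3gppnetwork.org epdg.epc.mnc071.mcc505.pub.3gppnetwork.org"
PRIO="${PRIO:-100}"   # assumed value; must sit ahead of the VPN rules

# Pull answer IPv4 addresses out of nslookup output on stdin. Each "Server:"
# header resets the state so the resolver's own address is never captured.
extract_ipv4() {
    awk '/^Server:/ { seen = 0; next }
         /^Name:/   { seen = 1; next }
         seen && /^Address/ {
             for (i = 2; i <= NF; i++)
                 if ($i ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) print $i
         }'
}

# Collapse addresses to unique /24 networks, as suggested in the reply.
to_slash24() {
    awk -F. '{ print $1 "." $2 "." $3 ".0/24" }' | sort -u
}

# One delete-then-add pair per network so reruns do not stack duplicates.
emit_rules() {
    while read -r net; do
        if [ -n "$net" ]; then
            echo "ip rule del to $net table main priority $PRIO 2>/dev/null"
            echo "ip rule add to $net table main priority $PRIO"
        fi
    done
}

# Constructed sample in busybox nslookup layout (host octets are invented).
sample_lookup() {
    cat <<'EOF'
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost
Name:      epdg.epc.mnc001.mcc505.pub.3gppnetwork.org
Address 1: 149.135.224.26
Address 2: 149.135.224.90
Address 3: 149.135.226.26
Address 4: 101.168.246.10
EOF
}

if [ "${LIVE:-0}" = 1 ]; then   # LIVE=1 queries DNS; default uses the sample
    for h in $HOSTS; do nslookup "$h"; done | extract_ipv4 | to_slash24 | emit_rules
else
    sample_lookup | extract_ipv4 | to_slash24 | emit_rules
fi
```

Because the carrier can change the addresses behind these names, the output only stays correct if the script is rerun, for example at each reboot or firewall restart as the reply suggests.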
 
Thanks and I appreciate the detailed response to my question. Looks like I will just live with the rules, but maybe have the 5 you recommend instead of the 8 that I have.

I too agree that the VOIP adapter should not be routed through VPN. I actually routed my VOIP ATA adapter through the WAN when I was running a "landline". But because of the imminent shutdown of the 3G network, Voice over LTE (VoLTE) and Voice over Wifi (VoWifi) have been implemented by my mobile/handphone/cellphone provider for phone calls. So the VoLTE and VoWifi are through my Android phone, which I also use for browsing the internet and which also has multiple banking and government services apps. I therefore prefer to use this through the VPN.

I could turn the VoWifi off (and just use VoLTE) because I live and travel in city areas where there is good cell coverage. That would be a workaround to keep VoLTE. I noticed that with VoWifi on, if the VoWifi cannot be connected, the phone has a hissy fit and also shuts down VoLTE, i.e. I can't even make a call.
 
I had actually considered another option for you, but there appears to be a bug preventing it.

 
Oh, thanks for this. I will await the response to your question with interest. That is an elegant solution.
 
