What's new

VPN (Openvpn) - selective routing

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

jbombs16

Occasional Visitor
Asus rt-n66u - Merlin 3.0.0.4.374.38_1

I am running a vpn client using Viscosity (an OpenVPN client) to connect to my vpn provider (torguard).

I want to only route certain traffic over the vpn (e.g., usenet, torrent, etc.).

I found a guide to do what I am looking for but it seems to only work intermittently. I have no idea why it routes the traffic sometimes while it does not other times I connect. The guide is found here http://www.totalhtpc.com/how-to-selectively-route-traffic-through-vpn/

If there is a way to do it within the router, i don't have to use viscosity. I was just using it because it was provided with torguard and I found the guide. I can use openVPN so I assume I can use the VPN within Merlin.

Can anyone step me through the process of routing only certain traffic through the VPN? Basically, I want to route usenet. Or have everything go through (including usenet) while excluding certain traffic (e.g., browser traffic).

Thanks in advance.
 
Asus rt-n66u - Merlin 3.0.0.4.374.38_1

I am running a vpn client using Viscosity (an OpenVPN client) to connect to my vpn provider (torguard).

I want to only route certain traffic over the vpn (e.g., usenet, torrent, etc.).

I found a guide to do what I am looking for but it seems to only work intermittently. I have no idea why it routes the traffic sometimes while it does not other times I connect. The guide is found here http://www.totalhtpc.com/how-to-selectively-route-traffic-through-vpn/

If there is a way to do it within the router, i don't have to use viscosity. I was just using it because it was provided with torguard and I found the guide. I can use openVPN so I assume I can use the VPN within Merlin.

Can anyone step me through the process of routing only certain traffic through the VPN? Basically, I want to route usenet. Or have everything go through (including usenet) while excluding certain traffic (e.g., browser traffic).

Thanks in advance.

No need to have usenet behind a vpn your using ssl 256 bit encryption... torrents you need it... I have a freenas box that I use for torrents and have it set behind the astrill vpn via the router.
 
Thanks for the reply and info. So if I wanted to selective route torrent traffic, can you help with that?
 
Thanks for the reply and info. So if I wanted to selective route torrent traffic, can you help with that?

You need to look at more sophisticated desktop app. I know that Astrill's desktop app allows that with few clicks. You can route all traffic through VPN and exclude certain browsers for instance. No idea how to do it manually.
 
Consider running the Astrill App on your router. It will do what you want without having to write/ adapt scripts.

Astrill isn't necessarily the fastest VPN provider but it is probably the simplest and quickest setup.
 
Consider running the Astrill App on your router. It will do what you want without having to write/ adapt scripts.

Astrill isn't necessarily the fastest VPN provider but it is probably the simplest and quickest setup.

It's far faster than private Internet access... With the desktop i get full speed 125/25 during peak hours... And my standard ping is 11 with vpn on its 33...Let's not even talk about pia...
The router gets 40-50 mbit same server...

Sent from my SM-N900T using Tapatalk
 
hi Admiral, I am on 35/3 internet connection, running overclocked AC56 and I got Astrill trial and Astrill VPN plugin.

I cannot get anything beyond 12-14 Mbps, and latencies are horrendous.

Seems like most of the servers on West Coast, so if you are closer there, maybe you can get decent speeds. For East Coast north, not getting any decent speeds so far...
 
The only time you can get really good speeds are:
- you disable encryption (which defeats the purpose)
- you do not use P2P servers

I was able to close >30 with New York server, but only with encryption disabled.
Even default blowfish - speed drops to half...

I run at a test with testmy.net - just to see if the CPU is the bottleneck - CPU load does not exceed .38

Admiral - can you please share your settings?
 
Last edited:
It's far faster than private Internet access... With the desktop i get full speed 125/25 during peak hours... And my standard ping is 11 with vpn on its 33...Let's not even talk about pia...
The router gets 40-50 mbit same server...

Sent from my SM-N900T using Tapatalk

I would also like to see your settings. The best I could do running OpenVPN from Astrill on my VPN accelerator was 40 - 45Mbps on my 75 Mbps connection.

Using StrongVPN and a server in the same city as the Astrill VPN server I tested I can get 70+Mbps.

Astrill is easy to use and even my wife can change servers to suit her needs but it isn't the fastest, but better than many.
 
I actually have a major problem with Astill. Here are the steps to reproduce:

- Disable JFFS, click on Apply, Reboot
- after reboot, confirm that JFFS shows on webUI as disabled
- enable JFFS, select format on reboot, click apply, reboot
- after reboot it shows JFFS enabled, format unselected (as expected)
- go to https://members.astrill.com/router-setup.php, select ASUS Merlin, click install
- CMD page opens http://192.168.1.1/Tools_RunCmd.asp
- nothing happens
- nothing happens
- I get tired of waiting, click on 192.168.1.1, refresh
- bingo: I see Astrill VPN on left side!
- Astrill page is fully functional now
- before doing ANYTHING with Astrill, simple reboot - router hangs on reboot!
- power cycle #1: no love
- power cycle #2: router comes back to live, BUT NO Astrill plugin present!

Any thoughts?
 
I have no such issues as you Sky. Do not wait for anything to show up once you click on the installation button on Astrill website. Simply click something else on the left menu and then refresh the page to see if it was installed (do not refresh on the installation page of the router).

Probably P2P servers are slow - however I do not use them.
For better encrypted speeds, use Router Pro VPN protocol on Astrill's applet.

I would suggest running their desktop client first and proceed to the Help / speedtest section in order to find out the closest server (lowest ping).

As for VPN there is no fastest or slowest, it all comes down to your location, server load, latency, how fast connections they bought for their servers etc. One VPN will work better for some than another and there are no simple rules.

For me I have to find another VPN that would offer me to max out my fiber connection in Singapore 300/300 and as long as Astrill does it, I am happy.
 
Can anyone help with setting up selective routing using OpenVPN on Merlin?

For example, send torrent via VPN tunnel but exclude browser traffic (or only include torrent, etc.)??

Thanks

PS - i saw that Astrill has a nice applet and desktop app but I would rather not use them due to their sketchy privacy policy, etc.
 
I'm also interessed in this.

What i want to do is to route only the traffic generated by transmission on the router to the VPN and use the normal connection for anything else.

The problem is that you can't just masquerade the torrent port and route to the VPN gateway: the default 51413 is an INCOMING port. Transmission then use totally different range of port to OUT connections.

I read somewhere that you could run Transmission like another user and then (using iproute and iptable) assign all the traffic from that user to the VPN.

But the guide i found is for ubuntu ecc., so I'm having some trouble to let it work

hereis a link: https://bbs.archlinux.org/viewtopic.php?id=175494

and this is what they are trying to do:
Code:
#Create custom group
groupadd router
#Add forwarding for the group 
iptables -t mangle -A OUTPUT -m owner --gid-owner router -j MARK --set-xmark 0xa
iptables -t nat -A POSTROUTING -o wlp3s0 -m mark --mark 0xa -j MASQUERADE
#Run some application as that group
su - -g router  -c "curl http://www.telize.com/ip"
#Delete all changes
iptables -t mangle -D OUTPUT -m owner --gid-owner router -j MARK --set-xmark 0xa
iptables -t nat -D POSTROUTING -o wlp3s0 -m mark --mark 0xa -j MASQUERADE
groupdel router

EDIT:
To use "groupadd" you have to install adduser on the router using optware

Now how to let it work, I don't know..
 
Last edited:

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top