x3mRouting x3mRouting ~ Selective Routing for Asuswrt-Merlin Firmware (1-Nov-2020)

[jata]

Hello there!

Been using x3mRouting successfully for about a week now, but I can't seem to be able to wrap my head around something.

Tunneling through two VPN clients pointing to PIA in the US and Spain I'm able to route different services through the respectively desired routes, but after either rebooting the router or seemingly by chance, the router's IP address will begin to report as if tunneling all traffic through either of the connected tunnels.

I was wondering if there would be a way to route everything to the WAN and just use the IPSET rules as exceptions (say, route all Amazon-owned addresses to the US OVPN Client, and leave everything else to be routed by the WAN).

So far I've attempted to set a Policy Rule to route both SRC 0.0.0.0 and DST 0.0.0.0 to WAN, then setting the IPSET rules as asnum and calling them from the OVPN client GUI, but sites still report being able to see my WAN's IP address when done this way.

Is the solution I'm looking for out of scope, or am I doing something wrong perhaps?

Thanks for the help!

I think we are both trying to do the same (or similar) thing - refer to my post above. To summarise what I understand we need to do:

1. install x3mRouting in option 3 mode: OpenVPN Event & x3mRouting.sh Script
2. setup a VPN client connection for a US server (UK server for me as I need to route BBC
3. I think (TBC) the VPN client connection needs to be setup for policy or policy strict for routing internet traffic through tunnel
4. dnsmasq needs to be configured to log dns requests. I think you need the following to switch this on from terminal: dnsmasq -q
5. finally - you need to add the asnum / policy routing and assign to the correct VPN connection - example below:
sh /jffs/scripts/x3mRouting/x3mRouting.sh ALL 2 BBC_ASN asnum=AS2818,AS31459

in bold above is '2' this denotes to apply this policy to VPN client connection 2

However - I have tried to get this working (for BBC iplayer) but currently it's not working

 

[jata]

Just an update from me...

I have now read this entire thread and followed/tried all the configs to get BBC iplayer working using x3mRouting in option 3 mode (using dnsmasq and policy based routing).

I can't get it to work using nordvpn.... Then on the last page of this thread I see that nordvpn is not a good choice for vpn provider for my setup/need.

So I tried using an alternative VPN - Smart DNS / VPN setup and this doesn't work either.

I do think there is something happening/working as when i load the bbc news home page I see different content when on VPN. However all geolocked video content (both on iplayer and in bbc website) - e.g. highlights of england beating germany in the football does not play :-(

@Brainstorm and @Xentrk - wanted to thank you both for all the help and trouble shooting you have done trying to get BBC iplayer working... Please do post if you make any further progress and/or find an alternative approach.

 

[MatteoPV]

I have a question. Now I'm using an SSD connected to my router, two partitions, one for addons and one for disk. I wanted to activate the AiDisk function so that I could also use the disk remotely. On my router I always and constantly use the VPN, using x3mrouting, can I prevent the disk from going into VPN ??? Pointing the disk remotely with VPN is rather boring, if instead the disk was in the WAN I would have no problems

 

[fearz]

Hi,

Please bear with me as I tried to search the thread and its becoming TOO VAST, a couple of things im trying to do which are:

1. I want to enable selective VPN routing (say on VPN Client 1), I want it enabled and only 1 LAN client connected to it
2. The client should have all internet traffic going normally through the WAN IP but ONLY connecting to Netflix via VPN client 1
3. Ability to tell it to connect to specific Netflix regions? say Sweden region or US region?


Is this possible? i'd appreciate someone who's done (if any) to explain it step by step.


Would be highly and extremely appreciated.

Thanks in advance. Questions,

 

[gjf]

Just want to inform (if nobody did it already yet) that x3mRouting is not compatible with latest Merlin introducing VPN Director feature.
If used, the addon ruins VPN Client options page and makes routing abnormal - even with no x3mRouting optiuons installed.
Just as an example.

 

[chongnt]

Just want to inform (if nobody did it already yet) that x3mRouting is not compatible with latest Merlin introducing VPN Director feature.
If used, the addon ruins VPN Client options page and makes routing abnormal - even with no x3mRouting optiuons installed.
Just as an example.

This is not entirely correct. X3mrouting option 2 is having issue. However, x3mRouting option 3 is working perfectly fine with VPN Director. There are some discussion here already.

x3mRouting - 3.86.3 Firmware & VPN Director

Hi Xentrk, I thought I would start a new thread for this in case there are significant changes. What will be the effects on x3mRouting of the new upcoming firmware with all the OpenVPN changes? Will x3mRouting need to be updated, or being scripts, will the updates have minimal effect on how it...

www.snbforums.com

 

[Nimakyma]

Hiya, did anyone get 384.13_10 Asus RT-AC87 to work with x3m?
Thanks!

 

[MatteoPV]

I have a question. I am using the guest network with YazFi. I want all internet traffic on the guest network to go to the WAN, while all internet traffic on the normal network goes to the VPN. After doing some tests, everything works if I give the router the command indicated below. Obviously, when the router is restarted, the command is no longer there, can I use x3mrouting so that the command is always there?


ip rule add from 192.168.2.0/24 table main prio 9890

 

[chongnt]

I have a question. I am using the guest network with YazFi. I want all internet traffic on the guest network to go to the WAN, while all internet traffic on the normal network goes to the VPN. After doing some tests, everything works if I give the router the command indicated below. Obviously, when the router is restarted, the command is no longer there, can I use x3mrouting so that the command is always there?


ip rule add from 192.168.2.0/24 table main prio 9890

Perhaps can add it in /jffs/scripts/nat-start

ip rule del prio 9890 2>/dev/null
ip rule add from 192.168.2.0/24 table main prio 9890

 

[MatteoPV]

Perhaps can add it in /jffs/scripts/nat-start

ip rule del prio 9890 2>/dev/null
ip rule add from 192.168.2.0/24 table main prio 9890

I don't have that file, I should create it. I was wondering instead if I can use x3mrouting

 

[chongnt]

I don't have that file, I should create it. I was wondering instead if I can use x3mrouting

X3mRouting is useful when we want to route ipsets or add/delete rules when openvpn client comes up or goes down. It might not do what you want.

 

[MatteoPV]

I believe it does but I'm not sure how to adjust it. Can anyone help me ?

 

[ugandy]

I believe it does but I'm not sure how to adjust it. Can anyone help me ?

howto: https://github.com/Xentrk/x3mRouting

 

[MatteoPV]

I installed x3mrouting but couldn't do what I wanted. Once installed, all internet traffic goes over the WAN. Instead, I want the IPs from 192.168.1.3 to 192.168.1.254 to go to VPN 1 while those from 192.168.2.0 to 192.168.2.24 go to WAN. How can I do?

 

[kernol]

I installed x3mrouting but couldn't do what I wanted. Once installed, all internet traffic goes over the WAN. Instead, I want the IPs from 192.168.1.3 to 192.168.1.254 to go to VPN 1 while those from 192.168.2.0 to 192.168.2.24 go to WAN. How can I do?

Sadly it seems the developer of this x3mrouting script "has left the building" - @Xentrk has not been seen on these forums or on his GitHub site since 1 June 2021. Really hope Doug is OK ... have not even had a response to emails sent to him :-( ???

It may be up to another VPN routing expert to take up the project and adapt / fix it to work with the significant changes brought about by the Maestro RMerlin and his VPN Director setup included in the latest 386 firmware.

 

[MatteoPV]

Ok, thanks for the answer

 

[MatteoPV]

Sadly it seems the developer of this x3mrouting script "has left the building" - @Xentrk has not been seen on these forums or on his GitHub site since 1 June 2021. Really hope Doug is OK ... have not even had a response to emails sent to him :-( ???

It may be up to another VPN routing expert to take up the project and adapt / fix it to work with the significant changes brought about by the Maestro RMerlin and his VPN Director setup included in the latest 386 firmware.

I was able to solve the problem using VPN Director

 

[kernol]

I was able to solve the problem using VPN Director

Pleased to hear that - VPN Director does simplify the management of basic VPN Client configs - and works well for me.
However @Xentrk did add some great extra features, some of which need adaptation to work properly under the new firmware.

Still hoping the original script author will re-emerge ... and if not that one of the other code experts will take up the challenge.

 

[MatteoPV]

I agree with you. For now, however, the solution has been found

 

[Vertron]

Does anyone know how to set this up so the following services will use the WAN IP for devices set to use the VPN:
Netflix, BBC I player, ITV Hub, All 4, My 5, Now TV, Amazon Prime

I've spend ages reading old threads, the GitHub, etc. and can't get anything to work, keep getting error messages when attempting to run commands. Does this script still work?