Bypass VPN for exactly 1 particular destination ip

Hello,

ich would like to keep VPN allways on with the force VPN option.

Now i have 1 destination ip, that shall not go through the VPN.

At the moment i would try this, what do you think?:

ip rule add to 8.8.8.8 lookup 20
ip route add table 20 default via 192.168.0.1 dev eth0

I combine your command and

iptables -A zone_lan_forward -d 8.8.8.8 -o eth0 -j ACCEPT

it works.

You can comfirm the result by

ping 8.8.8.8

cat /proc/net/nf_conntrack | grep icmp | grep 8.8.8.8

and check the second dst field.

 

Hi,

i used the Static IPv4 Routes Interface GUI in the Advanced settings and it works.

GUI interface for VPN bypass

Heello,

I am not experience with this, but I need 2 local IP to be excluded from the VPN I have the ar150 version 2.27 with the standard GUI. Can someone walk me thru the setup?

Thanks

If you don’t ticked “Force VPN” when running OpenVPN, you can access local IP.

Sorry I don’t understand!? Here is the question! I need step by step instruction on how to perform the task.

Actually, not clear what do you mean access local IP. As I am understand correctly, you want to access the main router’s subnet with OpenVPN.

If you start OpenVPN without tick “Force VPN”, you can access the main router’s subnet, but if you ticked “Force VPN”, it will delete the forward rule between lan and wan, which cause you can’t access the main router’s subnet.

Not sure if it is a solution for you. If not, please explain more about “2 local IP to be excluded from the VPN”.

image