Just picked up one of these routers.
I have the OpenVPN client working fine with TorGuard - both private and guest WiFi clients and anything attached to the LAN ports is being directed over the VPN. Great.
Is it possible to configure the router in a way such that:
Private WiFi clients + anything physically connected to either of the two LAN ports → direct to WAN.
Guest WiFi clients → over VPN
works the other way around fine. vpn on lan and local internet access on guest.
under a default installation on v3.x firmware, is there lower bandwidth or prioritization between lan and guest networks.
under vpn policy, the only way I have found to assign a constant vpn and local internet access is to deny vpn to guest network and deny vpn to all processes and use the lan network for vpn traffic and the guest network for local traffic. My concerns are if default route settings between lan network and guest network allow traffic from lan network to guest n…
You can try the following commands if you use cable connect to inetrnet, or if you use a different Internet connection, you can make some changes
ip rule add iif br-lan lookup 1 pref 999
iptables -I FORWARD -i br-lan -j ACCEPT
I saw the option for VPN policies appear (for me) after the latest firmware update and the slider that enables/disables the VPN for the guest WiFi does as it says on the tin.
If I start to dig a hole I feel I’m in danger of being unable to escape from I might settle for this option.
Likewise, thanks luochongjun - I am going to have a tinker with it tomorrow so I’ll see how I get on! It’s not “in production”
yet, so what my daughter doesn’t have she won’t miss and I can destroy it time and time again until I get it right.
bikefright, do you know what extroot is? might make for easier backups and restores… also makes nice for extra plugins/opkg space