SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Wireless Networking > ASUS Wireless > Asuswrt-Merlin

Reply
 
Thread Tools Search this Thread Display Modes
  #11  
Old 08-25-2013, 05:47 PM
abl75 abl75 is offline
New Member
 
Join Date: Jul 2013
Posts: 11
Thanks: 4
Thanked 6 Times in 2 Posts
abl75 is just starting out
Default

Hi Jobongo

I have tried to setup your script, as found on Gilthub, on Asuswrt-merlin Build 3.0.0.4.372.31 but strangely when trying to run it from WinSCP it has reported errors with your original "blank" lines (already removed), as well as a missing "then" (?)

Here is the script I am using:

#!/bin/sh
touch -am /tmp/000VPNbypassstarted
####### Interface Specific Settings #######
WRLSS_IF=wl0.1 # Name of the wireless interface that will be used.
WRLSS_IF_NTWK_ADDR=192.168.2.0 # Network address that the wireless interface will be on.
WRLSS_IF_INET_ADDR=192.168.2.1 # IP address that will be assigned to the wireless interface.
WRLSS_IF_NETMASK=255.255.255.0 # Netmask of the wireless network to be added.
TUN_IF=tun11 # Name of tunnel interface.
########## DHCP Specific Settings ###########
DHCP_OPT1=3 # dnsmasq option to specify router.
LS_TIME=86400s # Duration of the dhcp leases.
LS_START=192.168.2.100 # Start address of leases. This needs to be within the same network as above.
LS_END=192.168.2.120 # End address of leases. This needs to be within the same network as above.
######## Hide SSID of Guest Network ########
### HIDE_SSID=0 # This option is to hide the SSID of a guest network if a guest network is used. 1=hide and 0=visible.
################################################## ################################################## ######
########################################## DHCP Server ################################################## #
if [ `cat /etc/dnsmasq.conf | grep -c $WRLSS_IF` == 0 ]; then
killall dnsmasq
sleep 2
echo "interface=$WRLSS_IF" >> /etc/dnsmasq.conf
echo "dhcp-range=$WRLSS_IF,$LS_START,$LS_END,$WRLSS_IF_NETMAS K,$LS_TIME" >> /etc/dnsmasq.conf
echo "dhcp-option=$WRLSS_IF,$DHCP_OPT1,$WRLSS_IF_INET_ADDR" >> /etc/dnsmasq.conf
dnsmasq --log-async
fi
sleep 2
### Check to see if tun interface is available ###
while [ ! -n "`ifconfig | grep $TUN_IF`" ]; do
sleep 1
done
############################################ IP ROUTING ##################################################
ifconfig $WRLSS_IF $WRLSS_IF_INET_ADDR netmask $WRLSS_IF_NETMASK; then
ip route show table main | grep -Ev ^default | while read ROUTE; do
ip route add table 10 $ROUTE;
done
#ip route del 0.0.0.0/1 table main # Uncomment this line if you are not using the route-nopull option.
# Many VPN service providers push this route to redirect internet traffic over the tunnel.
ip route add default dev $TUN_IF table 10
ip rule add dev $WRLSS_IF table 10
ip route flush cache
####################################### ETHERNET BRIDGE TABLES RULES #####################################
EBT_BRULE1="-p ipv4 -i $WRLSS_IF -j DROP"
EBT_BRULE2="-p arp -i $WRLSS_IF -j DROP"
if [ -n "$EBT_BRULE1" ] && [ `ebtables -t broute -L | grep -ice "$EBT_BRULE1"` != 1 ]; then
ebtables -t broute -I BROUTING $EBT_BRULE1
fi
if [ -n "$EBT_BRULE2" ] && [ `ebtables -t broute -L | grep -ice "$EBT_BRULE2"` != 1 ]; then
ebtables -t broute -I BROUTING $EBT_BRULE2
fi
############################################ IP TABLES RULES #############################################
if [ `iptables -L -v | grep -c $WRLSS_IF` == 0 ]; then
iptables -I INPUT -i $WRLSS_IF -m state --state NEW -j ACCEPT
iptables -I FORWARD -i $WRLSS_IF -o $TUN_IF -j ACCEPT
fi
if [ `iptables -t nat -L -v | grep -c $TUN_IF` == 0 ]; then
iptables -t nat -I POSTROUTING -s $WRLSS_IF_NTWK_ADDR/24 -o $TUN_IF -j MASQUERADE # Change /24 to the subnet that you will be using.
fi
############################################### HIDE SSID ################################################
### if [ `nvram get "$WRLSS_IF"_closed` != 1 ] && [ $HIDE_SSID == 1 ]; then
### nvram set "$WRLSS_IF"_closed=1
### nvram commit
### fi
### if [ `nvram get "$WRLSS_IF"_closed` != 0 ] && [ $HIDE_SSID == 0 ]; then
### nvram set "$WRLSS_IF"_closed=0
### nvram commit
### fi
touch -am tmp/000VPNbypasscomplete

As can be seen I removed the logic to allow hiding the SSID, and added a couple of Touch commands to monitor its execution.
Reply With Quote
  #12  
Old 01-07-2014, 12:27 AM
biff biff is offline
New Member
 
Join Date: Jan 2014
Posts: 1
Thanks: 1
Thanked 0 Times in 0 Posts
biff is just starting out
Default

Hi Solidify,

I'd love to see how you setup openvpn via entware. I have not been able to get it running. I've spent a couple of evenings googling, but haven't really found anything useful. The entware install of openvpn seems very minimal, and I suspect I missing a lot of stuff.

I have the VPN Client working via the firmware GUI, but I really want to set up a VPN on its own SSID, so getting this installation of openvpn going is my current bottleneck.

Could you share your config files and setup, or pass along any useful links you might have?

Thanks in advance.
Reply With Quote
  #13  
Old 09-22-2014, 01:37 PM
nizx nizx is offline
New Member
 
Join Date: Sep 2014
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
nizx is just starting out
Default Issues with RT-AC68

I am trying your script on the RT-AC68U running Merlin but I cant get it to work, all apparently goes as expected but all the traffic is routed to the VPN on my main SSID, and on the Guest one assigned for the VPN I cannot even connect to internet. Anything I can check to troubleshoot this? I would really love to use this at home.
Reply With Quote
  #14  
Old 10-24-2014, 11:43 PM
Rookie Rookie is offline
New Member
 
Join Date: Oct 2014
Posts: 4
Thanks: 2
Thanked 0 Times in 0 Posts
Rookie is just starting out
Default

Before I try this out, has anybody been using this script without any issues?Sounds like a really cool concept.
Thanks for sharing.
Reply With Quote
  #15  
Old 10-27-2014, 08:02 PM
saffron saffron is offline
New Member
 
Join Date: Oct 2014
Location: Australia
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
saffron is just starting out
Default

Great work Jobongo.

Is it feasible to run 3 SSID on a AC68U - 2 different openVPN and 1 regular ISP?

I've got a AC68U running stock firmware and will have a go at 1 VPN/ 1 ISP but wont to avoid introducing another router to run the second VPN.
Reply With Quote
  #16  
Old 10-27-2014, 11:45 PM
nizx nizx is offline
New Member
 
Join Date: Sep 2014
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
nizx is just starting out
Default Still not working

Hopefully someone can help. I really love to try this out but it is not working on the AC68U. Tried the script but all traffic is still routed to the VPN on the main Wifi and the one used for the VPN has no internet access.
Reply With Quote
  #17  
Old Yesterday, 07:43 AM
Alfsu Alfsu is offline
New Member
 
Join Date: Sep 2013
Location: Saudi Arabia
Posts: 20
Thanks: 0
Thanked 3 Times in 3 Posts
Alfsu is just starting out
Default Route Traffic - NOT- in VPN client page

Quote:
Originally Posted by nizx View Post
Hopefully someone can help. I really love to try this out but it is not working on the AC68U. Tried the script but all traffic is still routed to the VPN on the main Wifi and the one used for the VPN has no internet access.
Try by disabling "Route Traffic" option in the VPN client configuration page. The VPN will be established but no traffic will go through it unless it is specifically routed using IP tables; which should be already part of the SSID for VPN configuration.

You can find more related information in the Selective Routing thread

Good luck!
__________________
RT-AC56U: Asuswrt-Merlin .47 /USB HDD/Samba/Split VPN Tunnel/DNS filtering/Cooling
Reply With Quote
Reply

Tags
multiple, ssid, vpn

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 01:29 PM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  401
john9527  157
azazel1024  114
htismaqe  100
sfx2000  81
stevech  75
ColinTaylor  65
AndreyPopov  57
TonyH  55
bbb0777  42
RMerlin  6059
john9527  389
stevech  351
ryzhov_al  280
TeHashX  237
L&LD  232
RogerSC  201
sinshiva  147
sfx2000  134
joegreat  126
Most Viewed Threads* Hottest Threads*
Old Asuswrt-Merli...  28521
Old Brainstorming...  2626
Old Advice on...  2571
Old Looking for...  2351
Old RT-AC68P...  2329
Old RT-AC68U...  1867
Old Asus...  1796
Old Issues...  1763
Old Stable...  1648
Old AC-68...  1606
Old Asuswrt-Merli...  205
Old Advice on...  49
Old Brainstorming...  47
Old Looking for...  35
Old RT-AC68P...  29
Old WiFi...  27
Old Stable...  25
Old Issues...  25
Old WiFi Rates  23
Old RT-AC68U...  22


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.