SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Wireless Networking > ASUS Wireless > Asuswrt-Merlin

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 02-28-2013, 01:03 PM
Bagman's Avatar
Bagman Bagman is offline
Member
 
Join Date: Nov 2012
Posts: 64
Thanks: 18
Thanked 12 Times in 12 Posts
Bagman is just starting out
Default Possible to send site-specific data only over OpenVPN?

Is it possible to set up the OpenSSL client to connect to a VPN, but then only route connections over that VPN based on the domain or IP of the target machine?

Ideally I'd like it so that when I'm using a browser, going to specific websites goes over the VPN, and other traffic goes via the normal non-VPN routes.

I've had a bit of a search all over the place, but it's all a bit confusing as to whether I can do this directly on the router.

Thanks for any help/suggestions/ideas!
Reply With Quote
  #2  
Old 02-28-2013, 01:13 PM
janosek janosek is offline
Senior Member
 
Join Date: Jan 2013
Posts: 129
Thanks: 18
Thanked 7 Times in 6 Posts
janosek is just starting out
Default

Quote:
Originally Posted by Bagman View Post
Is it possible to set up the OpenSSL client to connect to a VPN, but then only route connections over that VPN based on the domain or IP of the target machine?

Ideally I'd like it so that when I'm using a browser, going to specific websites goes over the VPN, and other traffic goes via the normal non-VPN routes.

I've had a bit of a search all over the place, but it's all a bit confusing as to whether I can do this directly on the router.

Thanks for any help/suggestions/ideas!

Yes you can. You need to enable your JFFS filespace, then create a WAN-START script under /jffs/scripts.

Here is the general script and description:
http://www.thegeekpost.com/2013/02/0...penvpn-client/


The only issue I have is with timing. Sometimes I have to reboot the router several times to get it to work properly because the openvpn client is not ready. I tried the sleep command but it didn't seem to help. My problem is I just don't know this stuff well enough and my wife doesn't like the internet going down, so it limits my time to tinker.

My future goal is to selectively route through two vpns. One out of the US for netflix and hulu plus (current setup) and another out of Switzerland for torrenting. I would also like to code in DNS leak protection and a kill switch if the Swiss VPN goes down.

My current setup is to selectively route my PS3 and Nexus 10 through the VPN, leaving my wife's laptop and my desktop on ISP. Then I create a windows xp virtual machine for torrenting, using PIA's client that has DNS leak protection and a kill switch built in. I just have the virtual machine turn on at boot up. The only problem is it is a bit of a resource hog.
Reply With Quote
The Following User Says Thank You to janosek For This Useful Post:
  #3  
Old 02-28-2013, 01:26 PM
Bagman's Avatar
Bagman Bagman is offline
Member
 
Join Date: Nov 2012
Posts: 64
Thanks: 18
Thanked 12 Times in 12 Posts
Bagman is just starting out
Default

Hmm, that's the exact opposite of what I want to do. I want all traffic by default to go over the normal link, with certain exceptions to go over VPN. That webpage puts all traffic over the VPN, with some exceptions going over the normal link.

Looks like I'll have to read up on IPtables, and it looks like this would only work for IPs rather than domains...
Reply With Quote
  #4  
Old 02-28-2013, 02:03 PM
janosek janosek is offline
Senior Member
 
Join Date: Jan 2013
Posts: 129
Thanks: 18
Thanked 7 Times in 6 Posts
janosek is just starting out
Default

Quote:
Originally Posted by Bagman View Post
Hmm, that's the exact opposite of what I want to do. I want all traffic by default to go over the normal link, with certain exceptions to go over VPN. That webpage puts all traffic over the VPN, with some exceptions going over the normal link.

Looks like I'll have to read up on IPtables, and it looks like this would only work for IPs rather than domains...
By default, when you activate the VPN, everything goes over it. You can change the first rule from:

# By default all traffic flows through the VPN
iptables -t mangle -A PREROUTING -i br0 -j MARK –set-mark 0

# By default all traffic flows through the WAN
iptables -t mangle -A PREROUTING -i br0 -j MARK –set-mark 1
Reply With Quote
  #5  
Old 03-01-2013, 08:54 AM
janosek janosek is offline
Senior Member
 
Join Date: Jan 2013
Posts: 129
Thanks: 18
Thanked 7 Times in 6 Posts
janosek is just starting out
Default

Quote:
Originally Posted by Bagman View Post
Hmm, that's the exact opposite of what I want to do. I want all traffic by default to go over the normal link, with certain exceptions to go over VPN. That webpage puts all traffic over the VPN, with some exceptions going over the normal link.

Looks like I'll have to read up on IPtables, and it looks like this would only work for IPs rather than domains...

I just re-read your first post. I misunderstood.

You might be interested in this:

http://www.dd-wrt.ca/phpBB2/viewtopic.php?t=161397

It sort of works, but many sites host content on other servers, so while the first site thinks you are at the other end of the VPN, the other servers may not.
Reply With Quote
  #6  
Old 03-01-2013, 04:50 PM
Bagman's Avatar
Bagman Bagman is offline
Member
 
Join Date: Nov 2012
Posts: 64
Thanks: 18
Thanked 12 Times in 12 Posts
Bagman is just starting out
Default

Thanks for the links/info, it's all very useful.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 02:12 AM.

Top 10 Stats
Top Posters* Top Thanked
RMerlin  412
stevech  153
thelonelycode...  147
L&LD  126
azazel1024  115
KGB7  99
jim769  82
DrTeeth  71
Adamm  64
speedingcheet...  61
RMerlin  4497
stevech  276
ryzhov_al  199
TeHashX  194
RogerSC  166
L&LD  163
joegreat  105
jlake  102
PrivateJoker  93
sinshiva  89
Most Viewed Threads* Hottest Threads*
Old Asuswrt-Merli...  32494
Old Asuswrt-Merli...  27313
Old ASUS...  23121
Old Beta Version...  17592
Old 'Heartbleed'...  14446
Old Linksys...  9815
Old Potential...  7995
Old Asus-Merlin...  7219
Old Groundhog...  6469
Old Linksys...  6192
Old Asuswrt-Merli...  220
Old Asuswrt-Merli...  196
Old Linksys...  149
Old ASUS...  126
Old Beta Version...  112
Old Potential...  98
Old Linksys...  83
Old Groundhog...  49
Old Asus router...  43
Old USB drive...  40



Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.