I'm trying to setup a VPN connection, but I don't want all my traffic being redirected to the VPN iface, I only need traffic for a specific subnet to go thuru this VPN
What I did so far
Code: Select all
root@Gargoyle:~# cat /etc/config/network
...
config 'interface' 'vpn'
option 'ifname' 'pptp-vpn'
option 'proto' 'pptp'
option 'username' '<LOGIN>'
option 'password' '<PASSWORD>'
option 'server' '<HOST>'
option 'buffering' '1'
option 'defaultroute' '0'
I've tried to add vpn to the 'wan' firewall zone, hopping that this would allow all traffic between lan and vpn
Code: Select all
root@Gargoyle:~# cat /etc/config/firewall
...
config 'zone'
option 'name' 'wan'
option 'network' 'wan vpn'
option 'input' 'REJECT'
option 'output' 'ACCEPT'
option 'forward' 'REJECT'
option 'masq' '1'
option 'mtu_fix' '1'
Code: Select all
root@Gargoyle:~# ifconfig pptp-vpn
pptp-vpn Link encap:Point-to-Point Protocol
inet addr:192.168.10.4 P-t-P:192.168.10.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
RX packets:34 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:2626 (2.5 KiB) TX bytes:542 (542.0 B)
Code: Select all
root@Gargoyle:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
189.125.x.x 10.0.0.1 255.255.255.255 UGH 0 0 0 eth0.2
192.168.10.2 * 255.255.255.255 UH 0 0 0 pptp-vpn
10.0.0.0 * 255.255.255.0 U 0 0 0 eth0.2
192.168.1.0 * 255.255.255.0 U 0 0 0 br-lan
default 10.0.0.1 0.0.0.0 UG 0 0 0 eth0.2