OpenVPN and multi-LAN NAT question ?

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech

wesson
OpenVpn Newbie
Posts: 2
Joined: Fri Mar 21, 2014 1:09 am

OpenVPN and multi-LAN NAT question ?

Post by wesson » Fri Mar 21, 2014 1:39 am

Hello, sorry for my poor English.

I have a Debian machine that I want to use as a custom router.

It has 3 network interfaces:
eth0: WAN
eth1: LAN1
eth2: LAN2

LAN1 and LAN2 are on different IP ranges, served by a DHCP server running on the machine.

I also have an OpenVPN client, connected as a tun to a server that I don't control.

I need to route all eth1 (LAN1) internet traffic through the VPN tunnel, and at the same time route all eth2 (LAN2) internet traffic through the default WAN gateway.

The NAT table is set on tun0 for eth1 (to provide NAT via the VPN tunnel), and set to eth0 for eth2.

I have been unable to have both LAN interfaces working at the same time.
If OpenVPN is running, eth1 is working but not eth2, and the opposite if OpenVPN is stopped.

Is there any solution to make both interfaces work together?

I assume the trick is setting a specific route (and not the default/0 gw vpn_gateway), but I have been unable to find the right combination.

Does anyone have an idea?

wesson
OpenVpn Newbie
Posts: 2
Joined: Fri Mar 21, 2014 1:09 am

Re: OpenVPN and multi-LAN NAT question ?

Post by wesson » Fri Mar 21, 2014 2:26 am

Finally found the solution, with a second routing table that allows me to set up 2 different default routes.

Something like this:

echo 2 zonelan2 >> /etc/iproute2/rt_tables

ip route add default via WAN_GW dev eth0 table zonelan2

ip rule add from LAN2/NETMASK lookup zonelan2


where WAN_GW is my WAN gateway
and LAN2/NETMASK is my LAN2 IP / range
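
A re-runnable form of the three commands above, as an added example that is not part of the original post: run as written, `echo >>` appends a duplicate rt_tables line and `ip route add` fails on a second run. The `RT_TABLES` and `DRY_RUN` variables and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not the poster's code. RT_TABLES, DRY_RUN and the function
# names are hypothetical; eth0 and zonelan2 are taken from the post.
RT_TABLES="${RT_TABLES:-/etc/iproute2/rt_tables}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the ip commands, 0 = execute them

# Register "ID NAME" in rt_tables once; repeated runs must not append duplicates.
ensure_table() {
    id="$1"; name="$2"
    if grep -Eq "^[[:space:]]*${id}[[:space:]]+${name}[[:space:]]*$" "$RT_TABLES"; then
        return 0
    fi
    # Refuse to reuse an id or a name that already maps to something else.
    if grep -Eq "^[[:space:]]*(${id}[[:space:]]|[0-9]+[[:space:]]+${name}[[:space:]]*$)" "$RT_TABLES"; then
        echo "rt_tables: id $id or name $name already in use" >&2
        return 1
    fi
    printf '%s %s\n' "$id" "$name" >> "$RT_TABLES"
}

# Print the command in dry-run mode, execute it otherwise.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# Send traffic sourced from LAN2 to its own table, whose default route is the WAN.
route_lan2_via_wan() {
    wan_gw="$1"; lan2_cidr="$2"; table="${3:-zonelan2}"
    case "$lan2_cidr" in */*) ;; *) echo "LAN2 must be ADDR/PREFIX" >&2; return 1;; esac
    # "replace" succeeds whether or not the route exists ("add" fails on re-run).
    run ip route replace default via "$wan_gw" dev eth0 table "$table" || return 1
    # Drop earlier copies of the rule so re-runs do not stack duplicates.
    if [ "$DRY_RUN" != 1 ]; then
        while ip rule del from "$lan2_cidr" lookup "$table" 2>/dev/null; do :; done
    fi
    run ip rule add from "$lan2_cidr" lookup "$table"
}
```

Call `ensure_table 2 zonelan2` and then `route_lan2_via_wan WAN_GW LAN2/NETMASK`; with `DRY_RUN=0` and root privileges the commands are applied instead of printed.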
