Can you set up only specific IP addresses to use a VPN?

I have a media player on a specific local IP. I have a video game console on another IP in my network. Both have a static IP. I want to use a VPN service on the media player so that I can watch Netflix in another region. Is it possible to set up the Turris to direct all traffic from a specific IP address through a VPN? A SmartDNS service is sadly not an option for me, as I have an IPv6 address.

You could put your media player on a different subnet and then do something like this: Limit OpenVPN to one subnet - #5 by robertsearle - Network and Wireless Configuration - OpenWrt Forum

Yes. There are multiple ways you can do this, but the way I’ve done it is by using multiple routing tables combined with OpenVPN’s up/down scripts to add the necessary entries to the routing table.

On my setup, I’m doing the whole “different subnet” thing, but you can easily adapt it to a single IP by just changing the routing policy. I’ve tried to adjust my instructions to your case, but I may have missed something.

My vpn_up.sh:

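#!/bin/sh
# $5: remote tunnel endpoint IP, as passed by OpenVPN to the up script (tun device)
REMIP=$5

# Only touch the table when OpenVPN supplied a remote endpoint address
if [ -n "$REMIP" ]; then
        ip route flush table forcevpn
        ip route add default dev "$dev" via "$REMIP" table forcevpn
        ip route flush cache
fi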

vpn_down.sh:

#!/bin/sh
ip route flush table forcevpn

In /etc/iproute2/rt_tables, add 100 forcevpn (or a different number if 100 is already taken).

In /etc/rc.local, add (before the exit):

# This one should be the IP of the thing you're trying to route through the VPN
ip rule add from 192.168.1.55/32 priority 10 table forcevpn
# This one should match your LAN subnet
ip route add 192.168.1.0/24 dev br-ports.1 table forcevpn

Finally, in the OpenVPN config, add these:

route-nopull
script-security 2
up /path/to/vpn_up.sh
down /path/to/vpn_down.sh

Hope that helps!

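A fail-closed variant of the up/down hooks above, as an added example that is not part of the original posts: once `forcevpn` is flushed the table is empty, so the `ip rule` lookup falls through to the main table and the device's traffic leaves over the normal WAN while the VPN is down. The table name, LAN subnet and bridge device are taken from the post; the function names and the `IP` override variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the thread. Table, subnet and device follow the post;
# function names and the IP override are assumptions made for this example.
TABLE=${TABLE:-forcevpn}
LAN_NET=${LAN_NET:-192.168.1.0/24}
LAN_DEV=${LAN_DEV:-br-ports.1}
IP=${IP:-ip}    # set IP=echo to dry-run and print the commands instead

# Rebuild the table: LAN route plus a high-metric "unreachable" default.
# With no VPN default present, lookups still match this guard and the packet
# is rejected instead of falling through to the main table.
forcevpn_base() {
    $IP route flush table "$TABLE"
    $IP route add "$LAN_NET" dev "$LAN_DEV" table "$TABLE"
    $IP route add unreachable default metric 1000 table "$TABLE"
}

# Call from the up script as: forcevpn_up "$dev" "$5"
forcevpn_up() {
    [ -n "$1" ] && [ -n "$2" ] || return 1
    forcevpn_base
    # Lower metric than the guard, so this route wins while the tunnel is up
    $IP route add default via "$2" dev "$1" metric 10 table "$TABLE"
    $IP route flush cache
}

# Call from the down script: keeps the guard, drops the VPN default
forcevpn_down() {
    forcevpn_base
    $IP route flush cache
}

# Classify the output of `ip route show table forcevpn` read from stdin
forcevpn_state() {
    awk '
        $1 == "default" { vpn = 1 }
        $1 == "unreachable" && $2 == "default" { guard = 1 }
        END {
            if (vpn && guard) print "vpn"
            else if (vpn) print "vpn-noguard"
            else if (guard) print "blocked"
            else print "leak"
        }'
}
```

Running `ip route show table forcevpn | forcevpn_state` after stopping the VPN should print `blocked`; `leak` means the table is empty and the device is using the normal default route.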