When the VPN is operational, and I’m connected to wlan1 or port4, the connection works as expected and the resulting IP address corresponds to the VPN’s expected geolocation.
However, when the VPN is operational, and I’m connected to wlan0 or port0, the network isn’t responsive. While I have an IP address in the 192.168.1.* range, I can’t ping an external address via name or number.
The router is on the 192.168.1.0/24 network, the guest network is 192.168.2.0/24. As such, I can’t connect to the router when I’m using the VPN. If I change the guest_zone's Input rule to allow (temporarily), would that allow me to access the router while on the guest network?
What am I hoping to find?
It sounds like I need to add a route when the VPN is active, correct? Is there a way to add one when the VPN starts and remove it when it stops?
** edit **
I started the VPN, but stayed connected to the “main” LAN. I ran ip r:
```
# ip r
0.0.0.0/1 via 10.35.0.5 dev tun0
default via 72.50.209.209 dev eth1 proto static
10.35.0.1 via 10.35.0.5 dev tun0
10.35.0.5 dev tun0 proto kernel scope link src 10.35.0.6
23.226.128.42 via 72.50.209.209 dev eth1
72.50.209.208/30 dev eth1 proto kernel scope link src 72.50.209.210
128.0.0.0/1 via 10.35.0.5 dev tun0
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
192.168.2.0/24 dev br-guest_turris proto kernel scope link src 192.168.2.1
```
I installed the policy-based-routing package that is referenced in that thread. I’m not sure how to use it–do you have any recommendations on the settings or perhaps a good reference?
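
As an added illustration (not part of the original post), this Python sketch applies longest-prefix matching to the routing table posted above to show which interface the main table selects for a given destination. The sample destination addresses are constructed, and firewall zones or policy-routing rules outside this table are not modelled.

```python
import ipaddress

# Routing table copied from the `ip r` output in the post above.
ROUTES = """\
0.0.0.0/1 via 10.35.0.5 dev tun0
default via 72.50.209.209 dev eth1 proto static
10.35.0.1 via 10.35.0.5 dev tun0
10.35.0.5 dev tun0 proto kernel scope link src 10.35.0.6
23.226.128.42 via 72.50.209.209 dev eth1
72.50.209.208/30 dev eth1 proto kernel scope link src 72.50.209.210
128.0.0.0/1 via 10.35.0.5 dev tun0
192.168.1.0/24 dev br-lan proto kernel scope link src 192.168.1.1
192.168.2.0/24 dev br-guest_turris proto kernel scope link src 192.168.2.1
"""

def parse_routes(text):
    """Parse `ip r` lines into (network, device, gateway) tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        net = ipaddress.ip_network(prefix)  # a bare address becomes a /32 host route
        dev = fields[fields.index("dev") + 1]
        via = fields[fields.index("via") + 1] if "via" in fields else None
        routes.append((net, dev, via))
    return routes

def lookup(routes, dest):
    """Return the most specific (longest-prefix) route containing dest, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def egress(dest):
    """Return (device, gateway, matched prefix) for dest using the posted table."""
    net, dev, via = lookup(parse_routes(ROUTES), dest)
    return dev, via, str(net)

if __name__ == "__main__":
    # Constructed sample destinations, except 23.226.128.42 (a host route in the table).
    for dest in ("8.8.8.8", "203.0.113.7", "23.226.128.42", "192.168.1.10", "192.168.2.10"):
        dev, via, net = egress(dest)
        print(f"{dest:15} -> dev {dev:16} via {via} (matched {net})")
```

The two /1 routes on tun0 are more specific than the default route, so every public destination except the 23.226.128.42 host route leaves through the tunnel, while the connected /24 networks still match their own bridges.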