Tomato, VPN Client, and excluding one LAN IP

3 posts / 0 new
Last post
Fri, 03/31/2017 - 1:59pm
#1
Klagreca
Klagreca's picture
Tomato, VPN Client, and excluding one LAN IP

Hi folks! I'm running Tomato Shibby v1.28-138 on my R7000.  I have everything setup and a succesful PureVPN connection via openVPN.  LOVE IT!

There's only one thing I can't figure out:  I want one LAN IP address to bypass the VPN (my appleTV, so that Netflix will work).  I did some searching but the notes all seem to be about using old scripts.

Can anyone help me out with this?  Happy to compensate for expertise.

Thanks! Kris

 

Top
Mon, 05/01/2017 - 7:39am
Permalink
Fobi
Fobi's picture
Hello,

Hello,

You can create a specific VLAN for your Apple TV and configure your VPN (interface type TAP) to be use on the other VLAN.

Top
Wed, 05/03/2017 - 8:43am
Permalink
kinakuta
kinakuta's picture
Hi Kris,

Hi Kris,

I have the same situation with two Apple TVs and a couple of other devices that need to bypass the VPN. After some research I found a startup script, which I modified to suit my needs. You can simply copy it to "Administration -> Commands", set the IPs you want to bypass the VPN, save as startup script and restart the router.

Here it is:

#!/bin/sh
sleep 30
NO_VPN_LST="192.168.2.10 192.168.2.11 192.168.2.12 192.168.2.13 192.168.2.14 192.168.2.15"
[ -z "$NO_VPN_LST" ] && exit 0
WAN_GWAY="0.0.0.0"
while [ $WAN_GWAY == "0.0.0.0" ]; do
sleep 3
WAN_GWAY=`nvram get wan_gateway`
done
ip route add default via $WAN_GWAY table 10
for ipa in $NO_VPN_LST; do
ip rule add from $ipa table 10
done
ip route flush cache
exit 0

 

Best,

Martin

Top