Tomato, VPN Client, and excluding one LAN IP

3 posts / 0 new
Last post
Klagreca's picture
Tomato, VPN Client, and excluding one LAN IP

Hi folks! I'm running Tomato Shibby v1.28-138 on my R7000.  I have everything setup and a succesful PureVPN connection via openVPN.  LOVE IT!

There's only one thing I can't figure out:  I want one LAN IP address to bypass the VPN (my appleTV, so that Netflix will work).  I did some searching but the notes all seem to be about using old scripts.

Can anyone help me out with this?  Happy to compensate for expertise.

Thanks! Kris


Fobi's picture


You can create a specific VLAN for your Apple TV and configure your VPN (interface type TAP) to be use on the other VLAN.

kinakuta's picture
Hi Kris,

Hi Kris,

I have the same situation with two Apple TVs and a couple of other devices that need to bypass the VPN. After some research I found a startup script, which I modified to suit my needs. You can simply copy it to "Administration -> Commands", set the IPs you want to bypass the VPN, save as startup script and restart the router.

Here it is:

sleep 30
[ -z "$NO_VPN_LST" ] && exit 0
while [ $WAN_GWAY == "" ]; do
sleep 3
WAN_GWAY=`nvram get wan_gateway`
ip route add default via $WAN_GWAY table 10
for ipa in $NO_VPN_LST; do
ip rule add from $ipa table 10
ip route flush cache
exit 0