IP routing to a specific SSID

Joachim M. Giæver 65689dbe4c Added nat-start script to re-establish routing when some changes to the NAT routing, e.g WAN port forwarding 7 rokov pred
aiop d76896dafb Fixed up in ip table entries 7 rokov pred
client1 9a23630c69 Small bugs, removing ip rule flush 7 rokov pred
screenshots aeb6c75727 Added WebUI screenshot 7 rokov pred
.gitignore 97e5053772 Initial commit 7 rokov pred
LICENSE 97e5053772 Initial commit 7 rokov pred
README.md 09fe7b990d Removed full logging, added more screenshots and fixed readme 7 rokov pred
dnsmasq.postconf ab2159ae26 Added to routing also happens when when client goes down + screeshots 7 rokov pred
nat-start 65689dbe4c Added nat-start script to re-establish routing when some changes to the NAT routing, e.g WAN port forwarding 7 rokov pred
openvpn-event ab2159ae26 Added to routing also happens when when client goes down + screeshots 7 rokov pred

README.md

AIOP - Assign IP to OpenVPN for PIA

(Private Internett Access - https://privateinternettaccess.com)

Merlin-WRT/Asuswrt-merlin SSID InterFace Specific

This code is used to assign a new DHCP range to an interface and route the traffic over an OpenVPN for PIA (may work with others).

Code is based on

The main reason for doing this was that I wanted several Wi-Fi networks with traffic routed over different kind of VPN-connections. See screenshots below.

Quick how to

  1. Enable the guest network(s) you want to use, and make the configuration needed/wanted (key etc) in the WebUI.
  2. Clone this repo locally and do the following edit:
    1. Open the file dnsmasq.postconf and fill inn the networks you want to route through a VPN, in the format assign_ip "<interface>" "<dhcp>" "<range from>" "<range to>" e.g assign_ip "wl0.1" "192.168.2.1" "2" "254" will start a DHCP server on IP 192.168.2.1 with a range from 192.168.2.2 - 192.168.2.254.
    2. Open the file openvpn-event and fill in the network interfaces you want to route, in the format route_vpn "<interface g.network>" "<interface vpn>", e.g route_vpn "wl0.1" "tun11" to route wl0.1 over tun11.
  3. Log on to your router and create a directory named "aiop" in the directory /jffs/scripts.
  4. Push the files from your local machine to the JFFS-partition on your router:
    1. scp /path/to/aiop/* <username>@ip-address:/jffs/scripts/aiop
    2. scp dnsmasq.postconf <username>@ip-address:/jffs/scripts/
    3. scp openvpn-event <username>@ip-address:/jffs/scripts/
  5. Restart the router.

You will find an example on how I've done it, with 6 guest networks and 5 VPN-clients, in the files "dnsmasq.postconf" and "openvpn-event". Note that wl0.1 and wl0.3 shares VPN-client. This way you can create several VPN-clients, i.e with different locations, and connect to the respective Wi-Fi when you want to change VPN-connetion.

You will also find an configuration file in the "client" directory, that I have exported from my setup, that you can import in the WebUI. I have included the two certificates you need to copy/paste into the WebUI certificate-forms in the directory as well.

Screenshots

ESSID list ESSID list Connection