Using a 2nd router just for VPN?

OK here's my setup right now, I have a Netgear DGND37000 from which I get my DSL WAN connection and also use to route my ethernet and WIFI clients. I'm looking to add a 2nd TP-Link TL-WR841N N300 router to run DD-WRT and use as a VPN only connection for my Rokus, etc.

Ideally I'd like for clients connecting to this router to also be able to access my local Plex server running off the non-VPN router's Mac Mini connection.

Any suggestions for this? I'm assuming I'm not asking for a crazy setup or something.

Thanks for reading.

Comments

  • edited February 2018
    @Max-P has the answer. My way was a bit of a complicated mess.
  • It shouldn't be too hard. You should only have to configure the second router a bit and it should work fine.

    Basically, the situation you have is you have two separate physical networks: your main network with direct access to your ISP as well as a second isolated network that routes to the first one. The main network can only be accessed by the second network via the TP-Link router which would route it to the main one.

    When the VPN is enabled, that router shoves everything through the tunnel, effectively "hiding" your main network as a result.

    -----

    The fix is simple: you just need to manually add a route for the main network on the second router and it should bypass the VPN as needed.
    1. In DD-WRT, first go to Status->WAN and take note of the Gateway and Subnet mask.
    2. Go to Setup->Advanced Routing, in the Static Routing section add this rule:
      • Select set number: pick any empty slot (the default one should be fine if you have nothing at all there)
      • Route Name: pick one of your liking to remind you what that route is for
      • Destination LAN NET: put the same as the Gateway, but replace each number that's a 0 in the subnet mask with a zero as well.
      • Subnet mask: put it there as-is from the WAN status page
      • Gateway: put it there as-is from the WAN Status page
      • Interface: WAN

    Example from mine:


    My gateway is 192.168.0.1 and my Subnet mask is 255.255.255.0. The last group of the subnet mask is a zero, so I change that same position (1) to a 0 as well to get the route: 192.168.0.0. If my subnet mask was 255.255.0.0, then I would change the last two groups instead, and so on.

    This gives me the following resulting configuration:


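An added example, not part of the thread or any poster's own code: it derives the Static Routing values from the WAN gateway and subnet mask with a bitwise AND, which generalizes the octet-zeroing rule described in the answer to masks that do not end on an octet boundary, and checks two things that stop the bypass route from working. The second router's LAN subnet (192.168.1.1/24) and the Plex server address (192.168.0.50) are constructed sample values.

```python
import ipaddress

def octet_rule(gateway: str, mask: str) -> str:
    """The rule as worded in the answer: zero every octet whose mask octet is 0."""
    return ".".join("0" if m == "0" else g
                    for g, m in zip(gateway.split("."), mask.split(".")))

def route_network(gateway: str, mask: str) -> ipaddress.IPv4Network:
    """General form: gateway AND mask (strict=False clears the host bits)."""
    return ipaddress.ip_network(f"{gateway}/{mask}", strict=False)

def static_route_fields(gateway: str, mask: str, name: str = "main-lan") -> dict:
    """Values for the Static Routing form, keyed by the labels used in the answer."""
    net = route_network(gateway, mask)
    return {
        "Route Name": name,  # hypothetical name, any label works
        "Destination LAN NET": str(net.network_address),
        "Subnet mask": str(net.netmask),
        "Gateway": gateway,
        "Interface": "WAN",
    }

def check_setup(gateway: str, mask: str, vpn_lan: str, server_ip: str) -> list:
    """Return the reasons the bypass route would not reach the server."""
    main = route_network(gateway, mask)
    lan = ipaddress.ip_network(vpn_lan, strict=False)
    problems = []
    if main.overlaps(lan):
        # Same subnet on both sides: clients treat the server as local
        # and never send the traffic to the router at all.
        problems.append(f"second router LAN {lan} overlaps main network {main}")
    if ipaddress.ip_address(server_ip) not in main:
        # Anything outside the routed network still goes into the tunnel.
        problems.append(f"{server_ip} is outside {main}, so it stays on the VPN")
    return problems

if __name__ == "__main__":
    # Values from the answer's example, then a constructed /26 where the
    # octet rule leaves the host bits set and the AND does not.
    print(static_route_fields("192.168.0.1", "255.255.255.0"))
    print(octet_rule("192.168.0.65", "255.255.255.192"),
          route_network("192.168.0.65", "255.255.255.192").network_address)
    print(check_setup("192.168.0.1", "255.255.255.0",
                      "192.168.1.1/24", "192.168.0.50"))
```
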