OpenWRT + OpenVPN client forwarding from lan to vpn not working
- by Dariusz Górecki
I've OpenWRT router with Backfire 10.03.1-rc3 (arch:brcm 2.6 kernel)
I've set up an OpenVPN client connecting my router with workplace lan, and it works nicely, I can connect from router to networks (several) in workplace.
My OpenVPN client uci-config looks like:
config 'openvpn' 'stream_client'
option 'nobind' '1'
option 'float' '1'
option 'client' '1'
option 'reneg_sec' '0'
option 'management' '127.0.0.1 31194'
option 'explicit_exit_notify' '1'
option 'verb' '3'
option 'persist_tun' '1'
option 'persist_key' '1'
list 'remote' 'remote.address.cutted'
option 'ca' '/lib/uci/upload/cbid.openvpn.stream_client.ca'
option 'key' '/lib/uci/upload/cbid.openvpn.stream_client.key'
option 'cert' '/lib/uci/upload/cbid.openvpn.stream_client.cert'
option 'enable' '1'
option 'dev' 'tun1'
I've set the 'STREAM_VPN' Zone to allow in/out traffic, and I've added rules for zone-to-zone lan<-vpn and vpn<-lan
config 'zone'
option 'name' 'stream_vpn'
option 'network' 'stream_vpn'
option 'input' 'ACCEPT'
option 'output' 'ACCEPT'
option 'forward' 'REJECT'
config 'forwarding'
option 'src' 'lan'
option 'dest' 'stream_vpn'
config 'forwarding'
option 'src' 'stream_vpn'
option 'dest' 'lan'
And interface config:
config 'interface' 'stream_vpn'
option 'proto' 'none'
option 'ifname' 'tun1'
option 'defaultroute' '0'
option 'peerdns' '0'
Now, from my router everything works nicely, the problem is that I cannot connect from computer inside a lan to hosts in networks provided by vpn connection :/
What I've missed, or what I'm doing wrong?
And how can I force using specified DNS when connected to vpn? (I know that sever should use PUSH DNS option, but is PUSHes only routes)