OpenVPN ==> OpenVPN on ASUS router?

S

Sergykm2018-05-24 09:34:21

openvpn

Sergykm, 2018-05-24 09:34:21

I have an asus n66u router with Hugo firmware (AsusWRT).
The router is connected to openvn to unlock some resources that are blocked in Ukraine (yandex, mail, vk). OpenVPN itself works ONLY for these sites, all other traffic goes directly. The OpenVPN config is located here https://zaborona.help/zaborona-help.ovpn . Settings https://zaborona.help/extra.html
In addition, the router itself has its own home openvpn server, to which I connect from mobile devices.

spoiler

client
dev tun
proto udp
remote 77.123.*.* 1194
float
ncp-ciphers AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
comp-lzo adaptive
keepalive 15 60
auth-nocache
remote-cert-tls server
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=TW, ST=TW, L=Taipei, O=ASUS, CN=RT-N66U/[email protected]
Validity
Not Before: May 22 13:42:17 2018 GMT
Not After : May 19 13:42:17 2028 GMT
Subject: C=TW, ST=TW, L=Taipei, O=ASUS, CN=client/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:b9:32:68:6a:78:b5:e0:15:af:94:03:ef:21:10:
cc:f9:ef:5c:82:1e:49:b5:9f:2f:e4:57:3c:40:9e:
a1:39:9a:d0:b8:a5:ca:ff:1a:58:c3:24:52:8d:68:
41:d7:d8:3b:e6:eb:1a:dd:7d:21:4b:85:22:4b:bd:
1c:7c:75:43:80:ab:cd:3f:a8:22:b1:d1:9f:d6:b4:
d3:98:8c:f6:d6:96:7b:1f:8d:0d:b0:16:4c:7a:ae:
ee:3b:8c:68:85:e2:8e:1a:a6:7d:ed:48:00:94:52:
11:cc:8d:aa:a7:f8:45:30:7d:3d:33:7b:22:be:45:
f1:10:ff:c5:59:40:c9:79:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
Easy-RSA Generated Certificate
X509v3 Subject Key Identifier:
EE:30:E2:6B:AA:77:74:22:C4:10:FA:71:12:35:80:C4:8F:06:88:69
X509v3 Authority Key Identifier:
keyid:97:B1:7E:EB:A5:57:50:89:8F:A8:D9:60:7E:AB:E1:D8:B8:3C:13:75
DirName:/C=TW/ST=TW/L=Taipei/O=ASUS/CN=RT-N66U/[email protected]
serial:D5:A0:B7:46:92:56:60:C9
X509v3 Extended Key Usage:
TLS Web Client Authentication
X509v3 Key Usage:
Digital Signature
Signature Algorithm: sha256WithRSAEncryption
c6:b7:40:c3:b9:69:d6:90:3b:42:2a:27:ef:1d:aa:68:2a:0f:
dc:55:96:85:f5:9d:17:37:20:68:38:d3:e8:31:78:99:f1:f5:
55:56:e3:92:1c:97:c4:f6:08:b3:fd:70:6a:77:a7:b5:7c:73:
0f:ec:5c:a9:59:5a:55:ee:af:97:38:a5:73:ea:04:17:e9:50:
c0:ac:56:7c:33:ec:b9:0f:06:20:50:4e:33:46:42:7c:9a:a2:
2d:36:aa:0c:28:7b:95:16:4c:53:8b:5d:f5:b1:8c:4a:b6:7f:
29:0c:2a:a9:bd:da:96:47:ae:7f:9f:46:ee:1a:5e:0b:24:ec:
76:ea
-----BEGIN CERTIFICATE-----
----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
resolv-retry infinite
nobind

How to make it so that when connecting from mobile devices to home openvpn, when accessing blocked sites, they go through the second openvpn to which the router is connected? THAT is so that I can connect to my home OpenVPN and go to blocked sites that are unblocked through another OpenVPN.
I would be very grateful for your help.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

Sergey Gulyaev, 2018-05-25
@greysir

Use the OpenVPN connection to the server as the default gateway.
A rough but working solution - after connecting to the OpenVPN server, all client traffic will go through the home router.
The settings are different depending on the mobile device.