4

I have all traffic going through a VPN in my tomato router. I’d like to exclude my gaming server’s address from the VPN. How do I exclude that one specific external IP address from the VPN in the tomato router?

I tried adding:

route my.external.server.ip 255.255.255.255 net_gateway

…which resolves from OpenVPN syntax to the underlying route command:

/sbin/route add -net my.external.server.ip netmask 255.255.255.255 gw 10.0.0.1

…but that yields the error

ERROR: Linux route add command failed: external program exited with error status: 1

What is the OpenVPN syntax to route one external ip through net_gateway ?

Giacomo1968
  • 58,727
Walrus the Cat
  • 272

2 Answers2

3

As you have not answered my comments to say if it worked or not, I come with a bit more formated answer:

I'm almost sure that Tomato is throwing that error because your OpenVPN client user is trying to add the route. You can check if I'm right following one of those, in this order of success chance:

  • Remove the route config line from OpenVPN config file and try to add it manually by executing the following code in the shell as root:

    route add -net my.external.server.ip netmask 255.255.255.255 gw 10.0.0.1

  • If that doesnt work, try DISABLING VPN SERVICE and executing the route add command then.

  • Check for other errors in your VPN config file, it may be screwing things a bit
  • Use webgui to make the changes. HiHat posted a link where it is nicely explained: Selective routing for Tomato firmware. Remember to remove the route line from the VPN file first!

Please post your results and more data about VPN client, tomato version, webgui or not webgui...

Giacomo1968
  • 58,727
DGoiko
  • 1,054
-2

I think you can achieve it in several ways:

  1. By using Routing Policy option in modern version of Tomato (AdvancedTomato) OpenVPN settings and adding exclusion for your gaming server address. Please see here for example settings: http://www.linksysinfo.org/index.php?threads/shibby-tomato-selective-routing-of-openvpn-and-dns.71609/#post-270105
  2. By using selective routing in classic Tomato according to examples here: https://support.hidemyass.com/hc/en-us/articles/202798226-Selective-routing-for-Tomato-firmware-Per-source-IP-address
Giacomo1968
  • 58,727
HiHat
  • 98