The goal is to configure the Tomato router to give 4 wifi networks, 1 for direct use and 1 for privacy VPN use (x2 for 2.4GHz and 5GHz).
I followed these instructions to configure my router:
https://superuser.com/a/1199806/161125
https://support.nordvpn.com/Connectivity/Router/1047410472/Tomato-setup-with-NordVPN.htm
I see the new wifi networks and I can connect to them. Also the VPN connection seems to work, since my IP has changed to match the country of my VPN server's location.
However it seems that the VPN Routing Policy is ignored. Both WIFI networks will always be seen with the same public IP. If I connect the OpenVPN Client in the router UI then all WIFI networks will be seen with the VPN IP. When I disconnect the OpenVPN Client all WIFI networks are seen with the real public IP.
So it seems that the router has not managed to use OpenVPN just for the new WIFI networks.
Here are parts of my configuration:
Basic Settings - Network
DNS 1 103.86.96.100
DNS 2 103.86.99.100
LAN
br0 192.168.1.1 255.255.0.0 DHCP 192.168.1.2 - 192.168.1.254 (for direct)
br1 10.1.1.1 255.255.255.0 DHCP 10.1.1.2 - 254 (for VPN)
Advanced Settings - Virtual Wireless
Added wl0.1
Same settings as wl0 except MAC and SSID
Same for wl1.1 with regard to wl1 for 5GHz
VPN - OpenVPN Client
Custom Configuration:
remote-cert-tls server
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping-timer-rem
reneg-sec 0
auth sha512
#log /tmp/vpn.log
#Delete `#` in the line below if your router does not have credentials fields
#auth-user-pass /tmp/password.txt
route-nopull
Routing Policy: Enabled - From Source IP - 10.1.1.0/24
Please let me know if further settings are needed.
It seems the Routing Policy is ignored, since 192.168.. addresses are also tunneled through the VPN.
Currently I have not configured any VLAN. I just added the new bridge and added the two new Virtual Wireless networks. Maybe something is missing here?
Hope someone can help. :-)