Changes

*If the connection was successful, we can start the traffic split configuration. First, we'll need to Edit LAN network to use IP address 192.168.10.1. It can be done in section '''Network''' '''→ Interfaces → General settings:''' [[File:LAN.png]]

*If the connection was successful, we can start the traffic split configuration. First, we'll need to Edit LAN network to use IP address 192.168.10.1. It can be done in section '''Network''' '''→ Interfaces → General settings:''' [[File:LAN.png]]

----

----

*Next, we'll need to create wireless interface to use a custom network (wifi_lan) and disable encryption for convenience. In order to do this, navigate '''Network''' '''→ Wireless''' and click '''edit:'''

*Next, we'll need to create wireless interface to use a custom network (wifi_lan) and disable encryption for convenience. In order to do this, navigate '''Network''' '''→ Wireless''' and click '''edit:'''

*In '''general settings''' edit wifi_lan interface to specify IPv4 address (e.g. 192.168.11.1). Press '''Save & Apply.'''

*In '''general settings''' edit wifi_lan interface to specify IPv4 address (e.g. 192.168.11.1). Press '''Save & Apply.'''

----

----

*Next, we'll need to create new interface ( e.g named VPN). In '''Physical settings''' add a tunnel interface name as custom. Tunnel interface name can be checked via ''ifconfig'' command via SSH/CLI. In this case it is named "tun_c_Testas". Don’t forget to save configuration.

*Next, we'll need to create new interface ( e.g named VPN). In '''Physical settings''' add a tunnel interface name as custom. Tunnel interface name can be checked via ''ifconfig'' command via SSH/CLI. In this case it is named "tun_c_Testas". Don’t forget to save configuration.

[[File:Testas.png|877x877px]]

[[File:Testas.png|877x877px]]

----

----

*When your done with the configuration run SSH client or CLI and connect to the router. Once connected execute these commands:

*When your done with the configuration run SSH client or CLI and connect to the router. Once connected execute these commands:

  opkg install vpn-policy-routing

  opkg install vpn-policy-routing

* After successful installation time to configure VPN traffic splitting. In order to do so '''one by one''' execute the following uci commands (be aware that your configuration may vary):

*After successful installation time to configure VPN traffic splitting. In order to do so '''one by one''' execute the following uci commands (be aware that your configuration may vary):

  uci set vpn-policy-routing.config.enabled="1"

  uci set vpn-policy-routing.config.enabled="1"

==Testing the setup==

==Testing the setup==

If you've followed the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. In order to test this particular configuration, a few steps have to be taken:

If you've followed the steps presented above, your configuration should be finished. But as with any other configuration, it is always wise to test the setup in order to make sure that it works properly. In order to test this particular configuration, check whether devices with IPs from different interfaces reach the Internet through the default gateway. According to our configuration, if a device are connected to WAN interface, its Public IP should be that of the router's or SIM; if the device connected to WiFi LAN, its Public IP should be that of the OpenVPN server. You can check the Public IP address in '''[http://www.whatsmyip.org/ this website].'''

 

 

*Check whether devices with IPs from different interfaces reach the Internet through the default gateway. According to our configuration, if a device are connected to WAN interface, its Public IP should be that of the router's or SIM; if the device connected to WiFi LAN, its Public IP should be that of the OpenVPN server. You can check the Public IP address in '''[http://www.whatsmyip.org/ this website].'''

----

----

If all of the above is in order, congratulations, your configuration works!

If all of the above is in order, congratulations, your configuration works!

==See also ==

== See also==

*Other OpenVPN related articles from our wiki:

* Other OpenVPN related articles from our wiki:

**[[How to generate TLS certificates (Windows)?]] - a guide on generating TLS certificates for Windows users

**[[How to generate TLS certificates (Windows)?]] - a guide on generating TLS certificates for Windows users

**[[VPN#OpenVPN|OpenVPN Manual section]] - OpenVPN section of the router's manual

**[[VPN#OpenVPN|OpenVPN Manual section]] - OpenVPN section of the router's manual