I am having a bit of trouble getting a router to work the way I would like it to. It's a Netgear R7000 running Shibby Tomato build 119.
I have four different VLANs set up to each port on the back and working properly.
192.168.10.1(br0)
192.168.20.1(br1)
194.168.30.1(br2)
192.168.40.1(br3)
I have two OpenVPN clients set up. I would like for br0 and br1 to be regular internet from the ISP, which they are now with where I am at with the current setup. I would like br2 to be VPN 1 and for br3 to be VPN 2. I can get both br2 and br3 to be either VPN 1 or VPN 2 but not each one be different.
Here is what I have currently set up:
VPN Tunneling > OpenVPN Client > Client 1 > Advanced
persist-key
persist-tun
tls-client
comp-lzo
verb 1
VPN Tunneling > OpenVPN Client > Client 2 > Advanced
persist-key
persist-tun
tls-client
comp-lzo
verb 1
Administration > Scripts > Init
mkdir /etc/iproute2
echo -e "#\n\
# reserved values\n\
#\n\
255 local\n\
254 main\n\
253 default\n\
0 unspec\n\
#\n\
# local\n\
#\n\
#1 inr.ruhep\n\
# Our custom tables\n\
10 ETHER" >/etc/iproute2/rt_tables
Administration > Scripts > Firewall
ip rule add from 192.168.10.0/24 table ETHER
ip rule add from 192.168.20.0/24 table ETHER
ip route flush all table ETHER
ip route add 127.0.0.0/8 dev lo table ETHER
ip route add 192.168.10.0/24 dev br0 table ETHER
ip route add 192.168.20.0/24 dev br1 table ETHER
ip route add default via 10.10.10.10 dev vlan2 table ETHER
ip route flush cache
iptables -t nat -I POSTROUTING -s 192.168.30.0/255.255.255.0 -o tun11 -j MASQUERADE
iptables -t nat -I POSTROUTING -s 192.168.40.0/255.255.255.0 -o tun11 -j MASQUERADE
With that firewall script both the 192.168.30.0(br2) and the 192.168.40.0(br3) subnets use the VPN from client 1 and it works. I was thinking I could just change the last line so it would be tun12 instead of tun11 but that does not work.
Is there something simple that I am missing or is there another way I should be going about doing this?
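
An added example, not part of the original post: a MASQUERADE rule only rewrites packets that routing has already sent out a tunnel, so choosing a tunnel per subnet takes a source-based rule and a routing table per VPN, in the same style as the ETHER table above. The table ids 11 and 12 and the pairing of tun11/tun12 with clients 1 and 2 are assumptions; the script prints the commands instead of applying them.

```shell
#!/bin/sh
# Added example (not from the original post). Prints commands; nothing is applied.
# Assumptions: tun11/tun12 are OpenVPN clients 1 and 2, routing table ids 11 and 12
# are unused, and br2/br3 carry the subnets named in the firewall script.

# Constructed mapping: source subnet, LAN bridge, tunnel, routing table id
MAPPING='192.168.30.0/24 br2 tun11 11
192.168.40.0/24 br3 tun12 12'

plan_policy_routing() {
    echo "$MAPPING" | while read -r subnet bridge tunnel table; do
        # Skip malformed rows rather than emit a half-built rule set
        [ -n "$table" ] || continue
        # Start from an empty table so reruns of the firewall script do not stack routes
        echo "ip route flush table $table"
        # Keep the subnet's own LAN reachable from inside the table
        echo "ip route add $subnet dev $bridge table $table"
        # The routing decision: everything else in this table leaves via its tunnel
        echo "ip route add default dev $tunnel table $table"
        # Drop any earlier copy of the rule, then select the table by source address
        echo "ip rule del from $subnet table $table 2>/dev/null"
        echo "ip rule add from $subnet table $table"
        # NAT only rewrites packets that were already routed out this tunnel
        echo "iptables -t nat -I POSTROUTING -s $subnet -o $tunnel -j MASQUERADE"
    done
    echo "ip route flush cache"
}

plan_policy_routing
```

On the router, `ip rule show` and `ip route show table 12` show whether the rules and the per-tunnel default route are in place.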