This is an old revision of the document!


Routing example: PBR app

A typical configuration scenario that can be adapted for most common use cases:

  • Disable gateway redirection in the VPN client configuration.
  • Route LAN 192.168.1.0/24 to WAN by default and DMZ 192.168.3.0/24 to VPN.
  • Configure WAN port forwarding for a webserver running on 192.168.3.2.
# Install packages
opkg update
opkg install pbr
 
# Web interface
opkg update
opkg install luci-app-pbr
/etc/init.d/rpcd restart
 
# Enable PBR
uci set pbr.config.enabled="1"
uci set pbr.config.resolver_ipset="none"
uci set pbr.config.webui_show_ignore_target="1"
uci commit pbr
/etc/init.d/pbr restart
 
# Route between local networks
uci add pbr policy
uci set pbr.@policy[-1].dest_addr="192.168.1.0/24 192.168.3.0/24"
uci set pbr.@policy[-1].interface="ignore"
uci commit pbr
/etc/init.d/pbr restart
 
# Configure WAN port forwarding
uci add pbr policy
uci set pbr.@policy[-1].src_addr="192.168.3.2"
uci set pbr.@policy[-1].src_port="443"
uci set pbr.@policy[-1].proto="tcp"
uci set pbr.@policy[-1].interface="wan"
uci commit pbr
/etc/init.d/pbr restart
 
# Route DMZ to VPN
uci add pbr policy
uci set pbr.@policy[-1].src_addr="192.168.3.0/24"
uci set pbr.@policy[-1].interface="vpn"
uci commit pbr
/etc/init.d/pbr restart
This website uses cookies. By using the website, you agree with storing cookies on your computer. Also you acknowledge that you have read and understand our Privacy Policy. If you do not agree leave the website.More information about cookies
  • Last modified: 2023/09/07 02:20
  • by vgaetera