Routing example: PBR app
A typical configuration scenario that can be adapted for most common use cases:
- Disable gateway redirection in the VPN client configuration.
- Route LAN 192.168.1.0/24 to WAN by default and DMZ 192.168.3.0/24 to VPN.
- Configure WAN port forwarding for a webserver running on 192.168.3.2.
# Policy-based routing (pbr) example: LAN 192.168.1.0/24 stays on the default
# WAN route, DMZ 192.168.3.0/24 is sent through the VPN, and the web server at
# 192.168.3.2 answers on tcp/443 through WAN.
# The policies are added in the order below; the narrow web-server policy is
# created before the broad DMZ policy so it is listed first.
# NOTE(review): the interface names "wan" and "vpn" are taken as given here --
# confirm they match the interface names on the router.

# --- Packages -------------------------------------------------------------
# pbr service
opkg update
opkg install pbr

# LuCI web interface for pbr, followed by an rpcd restart
opkg update
opkg install luci-app-pbr
/etc/init.d/rpcd restart

# --- Global pbr options ---------------------------------------------------
# Turn the service on, set resolver_ipset to "none", and make the "ignore"
# target visible in the web UI (it is used by the first policy below).
uci set pbr.config.enabled="1"
uci set pbr.config.resolver_ipset="none"
uci set pbr.config.webui_show_ignore_target="1"
uci commit pbr
/etc/init.d/pbr restart

# --- Policy 1: traffic between the local networks ---------------------------
# Destinations in the LAN or DMZ subnet get interface "ignore", i.e. pbr does
# not steer them to WAN or VPN.
# NOTE(review): this affects routing only. Whether LAN and DMZ hosts may reach
# each other is decided by the firewall zones, which are not shown here --
# review them if the DMZ is meant to be isolated from the LAN.
uci add pbr policy
uci set pbr.@policy[-1].dest_addr="192.168.1.0/24 192.168.3.0/24"
uci set pbr.@policy[-1].interface="ignore"
uci commit pbr
/etc/init.d/pbr restart

# --- Policy 2: web server on 192.168.3.2 ------------------------------------
# TCP traffic sourced from 192.168.3.2 port 443 is sent out through WAN.
# NOTE(review): this policy only selects the outgoing interface. The inbound
# port forward itself (and the decision to expose tcp/443 on WAN) is a
# firewall matter that this snippet does not configure -- verify it separately
# and keep the exposure limited to the one host and port.
uci add pbr policy
uci set pbr.@policy[-1].src_addr="192.168.3.2"
uci set pbr.@policy[-1].src_port="443"
uci set pbr.@policy[-1].proto="tcp"
uci set pbr.@policy[-1].interface="wan"
uci commit pbr
/etc/init.d/pbr restart

# --- Policy 3: DMZ through the VPN ------------------------------------------
# Everything else sourced from the DMZ subnet is sent out through the VPN.
# NOTE(review): what happens to DMZ traffic while the VPN interface is down is
# not set here; check pbr's strict_enforcement option if DMZ traffic must never
# fall back to WAN.
uci add pbr policy
uci set pbr.@policy[-1].src_addr="192.168.3.0/24"
uci set pbr.@policy[-1].interface="vpn"
uci commit pbr
/etc/init.d/pbr restart