VPN routing issues - Centos7 as a router

projects067
Posts: 4
Joined: 2019/01/13 17:58:46

Post by projects067 » 2019/04/27 01:41:43

I'm trying to use CentOS 7 as a router (installed on an RPi with 2 NICs). The WLAN connects to public Wi-Fi and is acting as the WAN. A VPN connection creates TUN0.

Site devices are put behind ETH0 (the eth0.67, eth0.77 and eth0.99 interfaces, to be exact).

Default gateway in the basic routing table still points to the default gateway that is assigned by the WLAN - 192.168.3.1 in this case.

I've tried to create a new routing table and apply the rules correctly for my eth0.77 interface, as all traffic from behind eth0.77 should be FULL TUNNEL traffic and not SPLIT tunnel, and should not egress out WLAN0 at all. When I enter the following, that "network" seems to break.

rules:
from all to 192.168.7.224/27 lookup custom
from 192.168.7.224/27 lookup custom

route table:
default via 192.168.7.1 dev tun0

I feel like I need a statement for the reverse of the default route - the route itself, but I'm struggling with how to write it.

Also, do the routes from the default table still apply or are they "ignored" due to the higher priority "custom" table only having one, default, entry (probably just answered my own question)?

Re: VPN routing issues - Centos7 as a router

Post by projects067 » 2019/04/27 18:31:51

Figured this out after having a lightbulb moment and thinking about what I was doing; I feel pretty silly now. Anyway, I also needed to add:

192.168.7.224/27 dev eth0.67 src 0.0.0.0 table custom to the routing table.

Obviously, don't forget firewall rules and such, but this wasn't my issue in this case.
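The lookup behaviour discussed in this thread, as an added example that is not part of the original posts: a small Python model of Linux policy routing showing why a `custom` table holding only a default route sends traffic destined for the LAN back into tun0, and why the default route in `custom` shadows every route in `main` for LAN-sourced traffic. Assumptions: rule priorities 100/101, the /24 mask on the WLAN side, `eth0.77` as the LAN device, and the sample addresses are constructed; the priority-0 `local` table is not modelled.

```python
import ipaddress

LAN = "192.168.7.224/27"   # subnet from the thread
LAN_DEV = "eth0.77"        # assumption: VLAN interface serving LAN, as in the question

# (priority, from, to, table). Priorities 100/101 are constructed; 32766 is
# the kernel's stock "from all lookup main" rule. The priority-0 "local"
# table is left out of this model.
RULES = [
    (100, None, LAN, "custom"),    # from all to 192.168.7.224/27 lookup custom
    (101, LAN, None, "custom"),    # from 192.168.7.224/27 lookup custom
    (32766, None, None, "main"),
]

def tables(with_connected_route):
    """Routing tables as (prefix, device); the WLAN /24 mask is an assumption."""
    custom = [("0.0.0.0/0", "tun0")]
    if with_connected_route:
        custom.append((LAN, LAN_DEV))   # the route added in the follow-up post
    main = [("0.0.0.0/0", "wlan0"), ("192.168.3.0/24", "wlan0"), (LAN, LAN_DEV)]
    return {"custom": custom, "main": main}

def lookup(tbls, src, dst):
    """Walk rules by priority; the first matching rule whose table holds a
    route covering dst decides. Returns (table, device)."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for _prio, frm, to, name in sorted(RULES, key=lambda r: r[0]):
        if frm and src not in ipaddress.ip_network(frm):
            continue
        if to and dst not in ipaddress.ip_network(to):
            continue
        # Longest-prefix match inside the selected table.
        hits = [(ipaddress.ip_network(p).prefixlen, dev)
                for p, dev in tbls[name] if dst in ipaddress.ip_network(p)]
        if hits:
            return name, max(hits)[1]
    return None, None   # no rule produced a route

if __name__ == "__main__":
    for fixed in (False, True):
        t = tables(fixed)
        print("connected route in custom:", fixed)
        print("  reply to LAN host  ->", lookup(t, "203.0.113.10", "192.168.7.230"))
        print("  LAN host to remote ->", lookup(t, "192.168.7.230", "203.0.113.10"))
        print("  LAN host to WLAN   ->", lookup(t, "192.168.7.230", "192.168.3.50"))
```

On the real router, `ip route get <dst> from <src> iif <dev>` reports the same decision for a forwarded packet, which is a quick way to confirm that nothing sourced from the tunnelled subnet resolves to wlan0.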
