Hi,
on openpli image is there a way to block ALL Internet traffic when VPN connection goes down?
Is it possible to force using internet only if VPN connection is UP?
Thanks in advance
tt66
Edited by tt66, 1 August 2013 - 09:02.
Posted 1 August 2013 - 09:29
Hi,
If you drop ALL internet traffic this means that you will NEVER be able again to connect to your VPN, since ALL traffic will be blocked!
So the VPN port must remain open, and you only need to open this one on your ISP router/firewall to your STB, and use a strong authentication mecanism.
Pr2
NO SUPPORT by PM, it is a forum make your question public so everybody can benefit from the question/answer.
If you think that my answer helps you, you can press the up arrow in bottom right of the answer.
Wanna help with OpenPLi Translation? Please read our Wiki Information for translators
Sat: Hotbird 13.0E, Astra 19.2E, Eutelsat5A 5.0W
VU+ Solo 4K: 2*DVB-S2 + 2*DVB-C/T/T2 (used in DVB-C) & Duo 4K: 2*DVB-S2X + DVB-C (FBC)
AB-Com: PULSe 4K 1*DVB-S2X (+ DVB-C/T/T2)
Edision OS Mio 4K: 1*DVB-S2X + 1*DVB-C/T/T2
Posted 1 August 2013 - 10:10
Hi,
If you drop ALL internet traffic this means that you will NEVER be able again to connect to your VPN, since ALL traffic will be blocked!
So the VPN port must remain open, and you only need to open this one on your ISP router/firewall to your STB, and use a strong authentication mecanism.
Pr2
Can you try to post a configuration for Openpli with OpenVPN (default configuration and port 1194 I suppose)?
Edited by tt66, 1 August 2013 - 10:10.
Posted 1 August 2013 - 10:58
You could set a hardcoded set of routes, that routes everything to the VPN next hop, except the public IP of the VPN endpoint? And maybe to local LAN so the default gateway can still be found?
Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)
Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.
Many answers to your question can be found in our new and improved wiki.
Posted 1 August 2013 - 11:08
You could set a hardcoded set of routes, that routes everything to the VPN next hop, except the public IP of the VPN endpoint? And maybe to local LAN so the default gateway can still be found?
I understand but I'm not able to do that (I'm a newbie in Linux world)...Could you post a working configuration or simply indicate which commands should be used?
Thanks
Posted 1 August 2013 - 11:09
@tt66
No because I am not using this feature.
Pr2
NO SUPPORT by PM, it is a forum make your question public so everybody can benefit from the question/answer.
If you think that my answer helps you, you can press the up arrow in bottom right of the answer.
Wanna help with OpenPLi Translation? Please read our Wiki Information for translators
Sat: Hotbird 13.0E, Astra 19.2E, Eutelsat5A 5.0W
VU+ Solo 4K: 2*DVB-S2 + 2*DVB-C/T/T2 (used in DVB-C) & Duo 4K: 2*DVB-S2X + DVB-C (FBC)
AB-Com: PULSe 4K 1*DVB-S2X (+ DVB-C/T/T2)
Edision OS Mio 4K: 1*DVB-S2X + 1*DVB-C/T/T2
Posted 1 August 2013 - 11:17
neither do I, you'll have to do some reading.
First hit in Google: http://www.thegeekst...route-examples/
Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)
Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.
Many answers to your question can be found in our new and improved wiki.
Posted 1 August 2013 - 11:24
neither do I, you'll have to do some reading.
First hit in Google: http://www.thegeekst...route-examples/
I'll try, thanks...Maybe it shouldn't be the right way...With ip tables support it should be easier or not?
Please, if somebody has new ideas, post something for the community
Thanks
Posted 1 August 2013 - 11:35
iptables could be an option to, but afaik it isn't (fully) implemented in the image. An STB isn't supposed to be connected to the outside world...
Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)
Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.
Many answers to your question can be found in our new and improved wiki.
Posted 1 August 2013 - 11:54
Hi,
on openpli image is there a way to block ALL Internet traffic when VPN connection goes down?
Is it possible to force using internet only if VPN connection is UP?
Thanks in advance
tt66
Here you see a very nice example why we don't like people to edit their posts.This is the OpenPLi forum, not the XTA forum.
0 members, 5 guests, 0 anonymous users