Routing

marshac

American Hero
Joined
Mar 25, 2003
Messages
2,543
Question for the [H] about the best way to do something... I would like to route specific device traffic through a VPN while leaving other traffic (for Netflix for example) through the standard gateway. I’ve done this with DHCP reservations and specifying the gateway to use there, but something more transparent would be nice. Surprisingly, what I’ve done with DHCP isn’t as reliable as I would like; I’m unsure why. Ideas? Alternatives?

The reason for this is I would like personal traffic to go through a VPN for the sake of privacy/security.
 

IdiotInCharge

NVIDIA SHILL
Joined
Jun 13, 2003
Messages
14,710
Depends on what the source of the traffic is. Would it be by IP?
 

IdiotInCharge

NVIDIA SHILL
Joined
Jun 13, 2003
Messages
14,710
Yes- so previously I’ve just made IP reservations for the devices.

Well, there's probably a plethora of ways to do what you want, but generally, you need a router that can handle the VPN endpoint and do the IP-specific routing. You can build one using pfSense, or something like an EdgeRouter X would also work, barring other potential limitations in your setup.
 

ThatITGuy

Limp Gawd
Joined
May 5, 2017
Messages
430
So are you wanting this segregation done on traffic from a single device, or are you wanting to segregate across devices, i.e.
1) you have 1 PC, and you want any traffic to Netflix/other specified conditions, to bypass VPN, but everything else goes through the VPN, or
2) you want all of your PCs/phones to go through the VPN but your smart TV/other device you consume media on to not go through the VPN?

I think you mean #2, but some of the phrasing makes it sound like #1. Simplest way I have done something similar to #2 was to use VLANs to segment devices. I can then apply rules to the networks individually. I have it set up so that I can just connect to a different SSID in order to switch which VLAN I am on, for cases where I need/want to be able to go back and forth between them.
From there you would need the equipment to support the functionalities you need.
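
The "IP-specific routing" suggested in the replies above, sketched for a generic Linux-based router as an added example that is not part of any post in this thread: source-based policy routing with a fail-closed fallback, so reserved devices lose connectivity instead of leaking out the normal gateway when the tunnel drops. The interface name `wg0`, table number `100`, the metrics and the sample addresses are assumptions; the script only prints the commands.

```shell
#!/bin/sh
# Added example (not from the thread). Assumptions: Linux router with
# iproute2, VPN interface wg0, spare routing table 100.
VPN_IF=wg0
VPN_TABLE=100

# Accept only dotted-quad IPv4 addresses, so nothing else reaches a command line.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots into $1..$4 (digits and dots only here)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Dry run: print the commands that steer each source IP into the VPN table.
vpn_policy_cmds() {
    # Validate everything first; emit nothing if any address is bad.
    for src in "$@"; do
        valid_ipv4 "$src" || { printf 'invalid address: %s\n' "$src" >&2; return 1; }
    done
    # Preferred route: the tunnel. The kernel withdraws it if wg0 goes down.
    echo "ip route replace default dev $VPN_IF table $VPN_TABLE metric 10"
    # Fallback: reject instead of falling through to the main table (no leak).
    echo "ip route replace unreachable default table $VPN_TABLE metric 20"
    prio=1000
    for src in "$@"; do
        echo "ip rule add from $src/32 lookup $VPN_TABLE priority $prio"
        prio=$((prio + 1))
    done
}

# Constructed sample: two DHCP-reserved devices that should use the VPN.
vpn_policy_cmds 192.168.1.50 192.168.1.51
```

DNS queries that these devices send to a resolver running on the router itself go upstream with the router's own source address, so they do not match the `from` rules and still use the normal gateway.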
 