Policy Based Routing not working with dd-wrt build 22000M?

[dougc905 0]

I have OpenVPN configured and working on a linksys e3000 router using dd-wrt build 22000M. The connection through AirVPN appears to be stable. However, I have a Sonos music player that has begun cutting out intermittently. I think it may be a bandwidth issue so would like to exclude it from the VPN tunnel.

 

Supposedly this is what policy based routing is for. If the Sonos controller has ip 192.168.1.105, wouldn't it be sufficient to simply place that ip in the policy based routing box? I have tried that and also 192.168.1.105/24.

(I have read conflicting reports as to whether to place ips that you want to include versus exclude from the VPN tunnel in the policy based routing box. Regardless, something should happen to one ip or another!)

 

What happens is that none of my clients can then access the web. I can ping the dns servers though.

 

I have the static dns servers set to 10.4.0.1, 10.6.0.1 and 198.50.145.155

 

When I remove the ip address from the policy based routing box, I can connect again.

 

I have included screenshots of my OpenVPN setup and the firewall. My status log is pasted below.

 

One think I do notice from the log is that it seems to be configuring tun1 but my firewall is set to address tun0. When I change the firewall to tun1, it also breaks the connection.

 

Thanks for any light on the subject in advance,

Doug

 

clientsetup.tiff

 

firewall.tiff

 

State

Server: : Local Address: Remote Address: Client: CONNECTED: SUCCESS Local Address: 10.6.0.67 Remote Address: 10.6.0.67 
Status
LogServerlog Clientlog 20150905 07:30:18 I OpenVPN 2.3.2 mipsel-unknown-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [MH] [iPv6] built on Jun 7 2014 
20150905 07:30:18 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:16 
20150905 07:30:18 W NOTE: the current --script-security setting may allow this configuration to call user-defined scripts 
20150905 07:30:18 I Control Channel Authentication: using '/tmp/openvpncl/ta.key' as a OpenVPN static key file 
20150905 07:30:18 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
20150905 07:30:18 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication 
20150905 07:30:18 Socket Buffers: R=[114688->131072] S=[114688->131072] 
20150905 07:30:18 I UDPv4 link local: [undef] 
20150905 07:30:18 I UDPv4 link remote: [AF_INET]173.44.55.178:80 
20150905 07:30:18 TLS: Initial packet from [AF_INET]173.44.55.178:80 sid=94c9e5fb 7bed43d1 
20150905 07:30:19 VERIFY OK: depth=1 C=IT ST=IT L=Perugia O=airvpn.org CN=airvpn.org CA emailAddress=info@airvpn.org 
20150905 07:30:19 VERIFY OK: nsCertType=SERVER 
20150905 07:30:19 NOTE: --mute triggered... 
20150905 07:30:35 1 variation(s) on previous 3 message(s) suppressed by --mute 
20150905 07:30:35 N TLS Error: Unroutable control packet received from [AF_INET]173.44.55.178:80 (si=3 op=P_CONTROL_V1) 
20150905 07:30:35 N TLS Error: Unroutable control packet received from [AF_INET]173.44.55.178:80 (si=3 op=P_CONTROL_V1) 
20150905 07:30:36 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 
20150905 07:30:36 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication 
20150905 07:30:36 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key 
20150905 07:30:36 NOTE: --mute triggered... 
20150905 07:30:36 2 variation(s) on previous 3 message(s) suppressed by --mute 
20150905 07:30:36 I [server] Peer Connection Initiated with [AF_INET]173.44.55.178:80 
20150905 07:30:38 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) 
20150905 07:30:38 PUSH: Received control message: 'PUSH_REPLY redirect-gateway def1 bypass-dhcp dhcp-option DNS 10.6.0.1 comp-lzo no route-gateway 10.6.0.1 topology subnet ping 10 ping-restart 60 ifconfig 10.6.0.67 255.255.0.0' 
20150905 07:30:38 OPTIONS IMPORT: timers and/or timeouts modified 
20150905 07:30:38 NOTE: --mute triggered... 
20150905 07:30:38 5 variation(s) on previous 3 message(s) suppressed by --mute 
20150905 07:30:38 ROUTE_GATEWAY 172.16.2.1 
20150905 07:30:38 I TUN/TAP device tun1 opened 
20150905 07:30:38 TUN/TAP TX queue length set to 100 
20150905 07:30:38 I do_ifconfig tt->ipv6=1 tt->did_ifconfig_ipv6_setup=0 
20150905 07:30:38 I /sbin/ifconfig tun1 10.6.0.67 netmask 255.255.0.0 mtu 1500 broadcast 10.6.255.255 
20150905 07:30:38 /sbin/route add -net 173.44.55.178 netmask 255.255.255.255 gw 172.16.2.1 
20150905 07:30:38 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.6.0.1 
20150905 07:30:38 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.6.0.1 
20150905 07:30:38 I Initialization Sequence Completed 
20150905 07:30:40 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:30:40 D MANAGEMENT: CMD 'state' 
20150905 07:30:40 MANAGEMENT: Client disconnected 
20150905 07:30:40 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:30:40 D MANAGEMENT: CMD 'state' 
20150905 07:30:40 MANAGEMENT: Client disconnected 
20150905 07:30:40 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:30:40 D MANAGEMENT: CMD 'state' 
20150905 07:30:40 MANAGEMENT: Client disconnected 
20150905 07:30:40 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:30:40 D MANAGEMENT: CMD 'log 500' 
20150905 07:30:40 MANAGEMENT: Client disconnected 
20150905 07:30:49 N write UDPv4: Message too long (code=97) 
20150905 07:30:49 N write UDPv4: Message too long (code=97) 
20150905 07:30:49 N write UDPv4: Message too long (code=97) 
20150905 07:30:50 NOTE: --mute triggered... 
20150905 07:31:52 12 variation(s) on previous 3 message(s) suppressed by --mute 
20150905 07:31:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:31:52 D MANAGEMENT: CMD 'state' 
20150905 07:31:52 MANAGEMENT: Client disconnected 
20150905 07:31:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:31:52 D MANAGEMENT: CMD 'state' 
20150905 07:31:52 MANAGEMENT: Client disconnected 
20150905 07:31:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:31:52 D MANAGEMENT: CMD 'state' 
20150905 07:31:52 MANAGEMENT: Client disconnected 
20150905 07:31:52 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:31:52 D MANAGEMENT: CMD 'log 500' 
20150905 07:31:52 MANAGEMENT: Client disconnected 
20150905 07:32:03 N write UDPv4: Message too long (code=97) 
20150905 07:32:26 N write UDPv4: Message too long (code=97) 
20150905 07:32:49 N write UDPv4: Message too long (code=97) 
20150905 07:33:12 NOTE: --mute triggered... 
20150905 07:43:22 2 variation(s) on previous 3 message(s) suppressed by --mute 
20150905 07:43:22 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:43:22 D MANAGEMENT: CMD 'state' 
20150905 07:43:22 MANAGEMENT: Client disconnected 
20150905 07:43:22 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:43:22 D MANAGEMENT: CMD 'state' 
20150905 07:43:22 MANAGEMENT: Client disconnected 
20150905 07:43:22 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:43:22 D MANAGEMENT: CMD 'state' 
20150905 07:43:22 MANAGEMENT: Client disconnected 
20150905 07:43:22 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:16 
20150905 07:43:22 D MANAGEMENT: CMD 'log 500' 
19700101 00:00:00 

 

[Nichrayzi 0]

That looks like it should work... So youre running it ON your player ship? I dont have X3 so my help is limited...