Need OpenVPN CLIENT support in a Linksys WRTSL54GS router using OpenWRT (or different firmware). Goal is to be able to connect computers to the router so that a connection with a remote VPN server is automatically established. That way, on computers, no OpenVPN client needs to be installed.
Details:
Linksys WRTSL54GS with OpenWRT White Russian. We have installed openvpn as a client on this router, connected via internet to a remote server pc across the country running OpenVPN server. This works great when we work on the OpenWRT client router: we can ping the remote OpenVPN Server and all internet traffic gets redirected over the remote server, which it should. However, when we connect a pc to the OpenWRT router (running OpenVPN client), all internet connections bypass the remote OpenWRT Server and only use the local internet connection. Please note: the point is not to install OpenVPN clients on the PCs as well, but let the router handle all this.
Schematically:
(1) ---------internet (2)---------(3)-------
(4) PC1 (IP [login to view URL])
^-----(4) PC2 (IP [login to view URL])
^-----(4) PC3 (IP [login to view URL])
1. OpenVPN Server on a server pc with public Internet IP [login to view URL]
2. Internet connection
3. OpenWRT Router (internal IP [login to view URL]) with OpenVPN client (which gets an IP from OpenVPN Server, such as [login to view URL])
4. Client PCs connected to the OpenWRT Router which should get an internal IP ([login to view URL]) but ALL traffic should be routed over the OpenVPN link to Server). These IPs are attributed by a DHCP server on the network (which is not the OpenWRT router).
I've got a lot of experience with OpenWRT, OpenVPN and routing. I've got a custom firmware that I've built that includes all the networking tools you need for a solid router / VPN box. However, since it sounds like you've got your VPN stuff setup and working, all we need to do is some routing on the router to force traffic to go through the VPN. It should be a quick job, and I've got several spare OpenWRT boxes kicking around I can use to test to ensure my solution is reliable, and most importantly, done *right*. I imagine the final product will be a simple script that can be placed in /etc/init.d that will setup the proper firewall and routing rules.