I use an Archlinux as a router on a computer on my network to encrypt all the Internet traffic through VPN. But I need to bypass Openvpn for one device on LAN. Its IP address is always 192.168.0.111.
I Have 3 main interface:
enp4s0 which is my WANenp1s0f0 which is my LANtun0 which is Openvpn InterfaceMy Iptables' rules are:
#!/usr/bin/env bash# enp1s0f0 is LAN (Distribute Internet Across Local Area Network or Devices on LAN)# enp4s0 is WAN (Provide internet)# tun0 is Openvpn InterfaceEXT1="tun0"EXT2="enp4s0"INT="enp1s0f0"iptables -t nat -Fiptables -Fiptables -A INPUT -i lo -j ACCEPTiptables -A OUTPUT -o lo -j ACCEPTiptables -t nat -A POSTROUTING -o $EXT1 -j MASQUERADEiptables -t nat -A POSTROUTING -o $EXT2 -j MASQUERADEiptables -A FORWARD -i $EXT2 -o $INT -m state --state RELATED,ESTABLISHED -j ACCEPTiptables -A FORWARD -i $INT -o $EXT2 -j ACCEPTiptables -A FORWARD -i $EXT1 -o $INT -m state --state RELATED,ESTABLISHED -j ACCEPTiptables -A FORWARD -i $INT -o $EXT1 -j ACCEPTEverything will go through vpn unless I specify an address (destination address) in ovpn config, so it bypasses openvpn for that specific site or domain. But in addition to that I want one of my LAN device (192.168.0.111) to bypass all traffic and go through my WAN directly.
When I specify it on ovpn config that device loses/drops all connection and has no send and receive at all. When I use ip route the same thing happens. I know it is my lack of knowledge.
I try to do it with openvpn config to no avail.
I research a lot, but the information was too complex for me.
ip route or iptables may have a simple way to do it for me. Can anyone explain to me how? Simple enough so I can understand.