Help setup hairpin for my VPN in constrained conditions?

nomenator

Joined
Dec 18, 2021
I have this problem that my modem/router/wifi hotspot all-in-one gateway provided by the ISP does not allow setting up static routes (and I can't hack into it with Telnet or gain shell access in any way to circumvent it).

I was able to set up a custom DNS server by attaching an external router and using it as a DHCP server. My network topology looks like this:

ISP gateway IP address: 10.0.1.1, assigned from the external router by MAC address mapping (because I also can't provide a self-declared static IP address on the gateway).

External router IP Address: 10.0.1.2 self-assigned. Runs DHCP server.

DHCP settings:
Range 10.0.1.100-10.0.1.254
Router: 10.0.1.1
DNS1: 10.0.1.3
DNS2: 9.9.9.9

Truenas Scale box IP address: 10.0.1.3 self-assigned. Runs pihole, OpenVPN, storage.

OpenVPN settings:
Server: 10.0.2.0/24
push "route 10.0.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.2.3"
push "dhcp-option DNS 9.9.9.9"
keepalive 10 60

Static route on truenas box
Destination: 10.0.2.0/24
Gateway: 10.0.1.3


Post init scripts:
nft add table ip nat
nft 'add chain ip nat prerouting { type nat hook prerouting priority 0; }'
nft 'add chain ip nat postrouting { type nat hook postrouting priority 100; }'
nft 'add rule nat postrouting iifname openvpn-server oifname enp7s0 ip saddr 10.0.2.0/24 masquerade'


What can I do to circumvent my home gateway restrictions?

Can I push OpenVPN gateway to my external router at 10.0.1.2 and set static route there for destination 10.0.2.0/24 via gateway 10.0.1.3 with another static route for destination 0.0.0.0/0 via gateway 10.0.1.1?


Am I thinking wrong? Any other recommendations?

Currently, my VPN client can only access the apps on the Truenas box and when I push gateway def1 on openvpn, the client cannot access internet. I want to masquerade the client behind my local network entirely (accessing the rest of the local network is nice, but not absolutely necessary).
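As an added example (not part of the original post), the three nft commands above rewritten as one declarative ruleset that is reloaded cleanly on every boot, plus a check of the two preconditions a masqueraded VPN client depends on. It takes the post's subnet and interface names as given and assumes a Linux host with `nft -f -` (ruleset on stdin) and `/proc/sys/net/ipv4/ip_forward` available.

```shell
#!/bin/sh
# Added example, not from the original post. Renders the post's nft chain and
# masquerade rule as a single `table ip nat` definition loaded with `nft -f`,
# so the table is created atomically instead of command by command. Subnet and
# interface names are the post's values and must match `ip link` on the host.

# Print a complete `table ip nat` definition for the given VPN subnet,
# VPN interface and LAN interface.
render_nat_ruleset() {
  vpn_net="$1"; vpn_if="$2"; lan_if="$3"
  printf '%s\n' \
    "table ip nat {" \
    "  chain prerouting {" \
    "    type nat hook prerouting priority 0; policy accept;" \
    "  }" \
    "  chain postrouting {" \
    "    type nat hook postrouting priority 100; policy accept;" \
    "    iifname \"$vpn_if\" oifname \"$lan_if\" ip saddr $vpn_net masquerade" \
    "  }" \
    "}"
}

# Drop any earlier copy of the table and load the rendered one, so re-running
# the post-init script does not stack duplicate masquerade rules.
apply_nat_ruleset() {
  nft delete table ip nat 2>/dev/null
  render_nat_ruleset "$@" | nft -f -
}

# Return 0 when IPv4 forwarding is on and the masquerade rule is installed;
# with ip_forward=0 the kernel never forwards VPN client packets to the LAN,
# so the postrouting NAT rule is never reached.
check_nat_ready() {
  [ "$(cat /proc/sys/net/ipv4/ip_forward 2>/dev/null)" = "1" ] \
    || { echo "net.ipv4.ip_forward is not 1" >&2; return 1; }
  nft list chain ip nat postrouting 2>/dev/null | grep -q "ip saddr $1 masquerade" \
    || { echo "masquerade rule for $1 is missing" >&2; return 1; }
}

# Usage: sh nat-setup.sh apply   (as root on the VPN host)
if [ "${1:-}" = "apply" ]; then
  apply_nat_ruleset 10.0.2.0/24 openvpn-server enp7s0 && check_nat_ready 10.0.2.0/24
fi
```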