dantis
Inactive User
I am very new to networking and routers etc. so please be gentle!
Let me explain my set-up, I live in Spain and have a Sky+ HD box with full sub, I want to be able to connect the box to the internet to use all the 'On Demand' facilities, obviously due to my IP address I cannot do it directly. I want to have two networks, one with my Spanish IP address and a second router solely for connection by ethernet cable to the Sky box.
This is what I have done so far:
1) My main router is a Tenda with IP 192.168.0.1
2) My secondary router is a TP-Link WR842ND flashed with DD WRT v2 with IP 192.168.1.1 (to keep the networks separate)
3) I have connected the LAN on the Tenda to the WAN of the TP-Link.
So, as it stands I have two separate networks both with my Spanish IP address. So, I am going to subscribe to an OpenVPN account and program the details onto the TP-Link using their set-up procedure.
Okay, so far so good, what I am concerned about is, if the VPN fails then the router will revert back to my ISP IP address and then the Sky box will know that I am in Spain and possibly block it.
What I want to be able to do is to tell the TP-Link that if there is no VPN connection then to block all traffic until the connection reconnects. I know that this is possible but I have no idea how to do it, can some clever technical person, point me in the right direction and in layman's terms!
"I have come across this on another forum but it is double Dutch to me!
I setup the connection to xxxx servers using their tutorial and then insert following line to the firewall rules: "iptables -I FORWARD -i br0 -o vlan2 -j DROP"
- br0 is the bridge with my lan ports & wireless
- vlan2 is my WAN port connected to the modem ISP
So if there is any connection starting from my lan or wifi to the wan port the firewall of the router blocks the connection.
My firewall rules are like this:
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I FORWARD -i br0 -o vlan2 -j DROP
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE"
I look forward to a non-techie reply.
Let me explain my set-up, I live in Spain and have a Sky+ HD box with full sub, I want to be able to connect the box to the internet to use all the 'On Demand' facilities, obviously due to my IP address I cannot do it directly. I want to have two networks, one with my Spanish IP address and a second router solely for connection by ethernet cable to the Sky box.
This is what I have done so far:
1) My main router is a Tenda with IP 192.168.0.1
2) My secondary router is a TP-Link WR842ND flashed with DD WRT v2 with IP 192.168.1.1 (to keep the networks separate)
3) I have connected the LAN on the Tenda to the WAN of the TP-Link.
So, as it stands I have two separate networks both with my Spanish IP address. So, I am going to subscribe to an OpenVPN account and program the details onto the TP-Link using their set-up procedure.
Okay, so far so good, what I am concerned about is, if the VPN fails then the router will revert back to my ISP IP address and then the Sky box will know that I am in Spain and possibly block it.
What I want to be able to do is to tell the TP-Link that if there is no VPN connection then to block all traffic until the connection reconnects. I know that this is possible but I have no idea how to do it, can some clever technical person, point me in the right direction and in layman's terms!
"I have come across this on another forum but it is double Dutch to me!
I setup the connection to xxxx servers using their tutorial and then insert following line to the firewall rules: "iptables -I FORWARD -i br0 -o vlan2 -j DROP"
- br0 is the bridge with my lan ports & wireless
- vlan2 is my WAN port connected to the modem ISP
So if there is any connection starting from my lan or wifi to the wan port the firewall of the router blocks the connection.
My firewall rules are like this:
iptables -I FORWARD -i br0 -o tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -o br0 -j ACCEPT
iptables -I FORWARD -i br0 -o vlan2 -j DROP
iptables -I INPUT -i tun0 -j REJECT
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE"
I look forward to a non-techie reply.