Hi, I did find a similar thread from 2014 on this subject (How do i Connect to StrongVPN or any other Commercial VPn provider ?), but it was specific to Astaro at the time, and still applies to XG Firewall (no support for direct configuration on the firewall itself).
So, I wanted to try a potential workaround (proof-of-concept) with a spare Nighthawk router that I successfully flashed to DD-WRT and confirmed it could install and run the StrongVPN VPN Host application (not subscribed or installed at this time, so it's still a 'vanilla' router):
1. Using a single service provider (supplied DSL router).
- Current WAN zone connects to an available port on this router.
- The Nighthawk router would be between the DSL router and the XG firewall (receives DHCP-assigned IP address from router, provides DHCP IP address (unique 192.168.x.0 subnet) to XG interface.
2. For the XG interace, I wanted to create an alternate WAN zone (WAN2) for VPN traffic. (Ultimately, all VPN and non-VPN traffic will still pass through my service provider's gateway device. The non-VPN traffic would be routed through the main WAN Zone (WAN) on the designated interface.
Sidenote:
- It appears XG won't permit creation of additional WAN zones :( . (Is this possible (undocumented option or a hard limit in the firewall design)?
- For now, either the VPN interface needs to reside on the WAN zone or put the Nighthawk into the currently unused DMZ zone (not preferred).
3. Question: (possible workaround to the above) I have been unable to route specific traffic (say, Netflix) or a specific type (P2P or other) from the LAN zone to a specific port on the WAN zone.
- Has anyone managed to do this?
- (Adding the connection as another just another gateway on the WAN zone worked fine for Active-Active configuration, so the connectivity tested fine without getting any granular control over the interfaces themselves.)
Thx.
DK.
This thread was automatically locked due to age.
