How to disconnect/reconnect from OPEN VPN Client using Batch File

Salt_Lamp · Oct 26, 2015

Hey everybody. Recently, I've been having a lot of trouble trying to configure my Open VPN client to suit my needs. Long story short, I'm trying to route specific devices through the VPN while leaving everything else on my standard ISP. In addition, I also want to have the ability to disconnect from the VPN from my computer at will via batch file to my ISP. I've been discussing this issue on a separate forum, but since I'm in a hurry to resolve this issue I thought I might as well try to get some extra help on the matter. I'll provide the necessary links below with further details. Thanks in advance.

Guide (last part, at the bottom): http://

SNB thread: http://

Ralston18 · Oct 27, 2015

Salt_Lamp,

I read your posting mostly out of curiousity and took a look at the links.

In all honesty I sort of follow it all but would require a bunch of time to really get a handle on it.

However, are you familiar with Powershell?

You may be able to use Powershell to some effect. Especially to disconnect from the VPN via the Stop-Process command.

Again just a rather casual comment as food for thought.

lindstrom · Oct 27, 2015

So the guide you followed in the link, the last part is a windows batch script The script on the forum you received help from is a Linux bash script. What OS are you using? By the way chmod is a linux command used to set permissions on files and folders.

Salt_Lamp · Oct 28, 2015

lindstrom :

I'm using Windows 8.1 and Merlin Fork on an ASUS router. The user I've been speaking with over on SNB keeps indicating that I need to run the code below in a command line via my SSH session. I have no idea where to access the command line, though. If I can find out how to access it that should hopefully solve the issue.

On the other hand, I have no idea if that guy is giving me the right info for my particular dilemma, so any other suggestions would be more than welcome.

Code: chmod 755 /jffs/scripts/vpn-route-1.sh

Salt_Lamp · Oct 28, 2015

Ralston18 :

Thanks for responding. I'll definitely keep what you said in mind, but ideally I'd like to disconnect specific devices without shutting off the VPN altogether. However, your suggestion might very well be the only option in the end, so I guess I might just have to make the best of it.

Ralston18 · Oct 28, 2015

As I understand Powershell (slowly working into it) you can kill a process.

Seems not to be a real direct approach. You must Get [the] process and then pipe it to Stop Process.

Sort of the same sequence with services.

Anyway my reasoning is that if you know the process(es) related to the device you wish to disconnect then you "get it" and "stop it". "It" being the process.

Wish I was to the point where I could send an PS example but it would be either very bad, hiliarious, outrageous, risky ....

Will spare you that.

lindstrom · Oct 28, 2015

You access the command line with ssh and according to your other post you have already created the script on the router. chmod 755 will set permissions to the file, user have full permissions, group and everyone else has read and execute permissions. As stated, you should set the vpn devices outside the dhcp pool and they should match the iptables rule. Your issue most likely is that you have not set static IP to the vpn devices which is why the scripts doesnt work correctly, the scripts changes the static ip on the vpn devices to dhcp.

Salt_Lamp · Oct 29, 2015

lindstrom :

Thanks for responding. Anyway, I finally managed to input the code in my SSH session via the command line as well as configure my selected devices to operate outside the DHCP pool when I want them to. Unfortunately, now my problem is that whenever I turn on the VPN client all my devices go through it instead of only the ones I've specified.

*sigh* This is getting tiring. Can anyone tell me what's wrong with this script?

#!/bin/sh

ip route flush table 11
ip route del default table 11

ip route flush cache

tun11_ip=$(ifconfig tun11 | grep 'inet addr:'| cut -d: -f2 | awk '{ print $1}')

ip route add default via $tun11_ip dev tun11 table 11
ip rule add from 192.168.xx.xx table 11
ip rule add from 192.168.xx.xx table 11

ip route flush cache

DNS_SERVER="208.67.222.222 208.67.220.220"
for ip in $DNS_SERVER
do
iptables -t nat -A PREROUTING -s 192.168.xx.xx -p udp --dport 53 -j DNAT --to $ip
iptables -t nat -A PREROUTING -s 192.168.xx.xx -p tcp --dport 53 -j DNAT --to $ip
iptables -t nat -A PREROUTING -s 192.168.xx.xx -p udp --dport 53 -j DNAT --to $ip
iptables -t nat -A PREROUTING -s 192.168.xx.xx -p tcp --dport 53 -j DNAT --to $ip
done

iptables -I FORWARD ! -o tun11 -s 192.168.xx.xx -j DROP

exit 0

Salt_Lamp · Oct 31, 2015

Still having trouble here guys. I put the above script into jffs/scripts and input the following code into my command line: "chmod 755 /jffs/scripts/vpn-route-1.sh". Sadly, I'm still having problems. Whenever I start up the VPN client everything goes through it instead of only the devices I've specified. Could something be wrong with the script?

Also, if I add "route-nopull route-up /jffs/scripts/vpn-route-1.sh" to my VPN client config everything goes through my standard ISP and I can't get back on the VPN client. Any thoughts?

Ralston18 · Oct 31, 2015

Do you have any conditionals (conditional statements) that can be used to identify and thus select the desired devices.

E.g., the following link:

http://www.oreilly.com/openbook/debian/book/ch13_03.html

Seems as if you have a good command of the situation and most everything involved.

Maybe you can come up with a clever combination of arguments and tests to achieve your goal.....

lindstrom · Nov 1, 2015

So the ip addresses matches the specific devices that uses the tunnel or did you actually input "192.168.xx.xx"? So for example if PC1 uses tunnel and has static ip 192.168.1.5 the rule looks like this "ip rule add from 192.168.1.5 table 11".

Salt_Lamp · Nov 2, 2015

lindstrom :

YES! It finally works now! Thanks a lot man!

Can't believe I missed that. Jeez, am I a dunce or what? :pt1cable:

Ralston18 · Nov 4, 2015

lindstrom:

Good catch. I was thinking he was "hiding" IP addresses.....

Adding a new "note to self" to my collection......

lindstrom · Nov 7, 2015

Ralston
Yes I was thinking that to at first but noticed that Salt_lamp said ALL devices went through the tunnel, so always check the most obvious first.

Search

How to disconnect/reconnect from OPEN VPN Client using Batch File

Salt_Lamp

Reputable

lindstrom

Ralston18

Titan

lindstrom

Distinguished

Salt_Lamp

Reputable

Salt_Lamp

Reputable

Ralston18

Titan

lindstrom

Distinguished

Salt_Lamp

Reputable

Salt_Lamp

Reputable

Ralston18

Titan

lindstrom

Distinguished

Salt_Lamp

Reputable

Ralston18

Titan

lindstrom

Distinguished

TRENDING THREADS

Latest posts

Moderators online

Share this page