Hello! As a complete beginner in home networking I am a bit lost with my problem. Maybe someone can help:

Setup: Internet socket in the wall -> Fritzbox-router -> Linksys router with OpenWRT and a VPN (NordVPN)

I have to Networks I can connect to, the Fritzbox-Network (192.168.178.) and the OpenWRT-Network (192.168.1.). Most PCs/Smartphones are connected to the OpenWRT-Network to be a bit more protected with the VPN. Some are connected to the Fritzbox.

Now two questions:

  • How can I connect those two networks so that I can e.g. ssh from 192.168.178.10 to 192.168.1.30?
  • Who is providing the DNS, when I connect a PiHole to the Fritzbox, set it as DNS-Server and then connect my PC to the other network, which is routing everything to NordVPN? Does NordVPN use its own DNS-Server?

What do I need to learn to understand my own network better?

  • ANIMATEK@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    Well it would depend on how you are routing your traffic. What is your VPN doing? How is it configured? I am a network engineer, happy to give you a hand.

    I would have it in one of two ways:

    1. 2 different SSIDs/networks, one fully VPN’nd and the other directly connected to internet.

    2. or use 1 network to rule them all and then PBR (policy based routing) for the VPN, meaning that you send only specific traffic through the VPN. This can depend on IP, port, protocol, etc. Definitely the most advanced (and fun!) option.

    • glasgitarrewelt@feddit.deOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Maybe I can describe my favorite outcome of this:

      The Fritzbox serves as modem and connects to my phone and a nextcloud-server. One LAN-connection is plugged into the ‘internet-port’ of the openWRT-router.

      The openWRT-router is connecting all my PCs, Smartphones and my home-assistant-Pi. On the OpenWRT-router every connection to the internet is tunneld through NordVPN to hide my location. And every device connected to the OpenWRT-router uses the Pihole as DNS-Server. And I want to be able to use PiVPN (wireguard) to tunnel into my OpenWRT-network to be able to reach the home-assistant-Pi and to enjoy the benefits of the Pihole and NordVPN while I travel.

      Is that even possible? My main concern is the NordVPN-part and if it works together with the Pihole and the PiVPN. I have a very limited understanding of VPNs and DNS-Server and I don’t want to make myself vulnerable.

      • ANIMATEK@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Well I would create 2 networks in your OpenWRT, Net1 would be tunneled over the VPN and Net2 will break out locally.

        On Net1 you basically keep what you have.

        Then you assign the NC Server to Net2. You can even create a SSID for this network (call it Guest or whatever) for when somebody needs your WiFi. Or if you want to connect a device you don’t care sending outside the VPN.

        Afterwards you can go and turn off the WLAN in your Fritzbox. The telephone will continue working over DECT most likely.

        You will probably also need to “expose” the OpenWRT on your Fritzbox. What this does is forward all traffic, unfiltered, to your OpenWRT. You need to do your own research to see if you want to do this, otherwise just forward porta as you need them.

        • glasgitarrewelt@feddit.deOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Two networks on the OpenWRT is a really good idea, thank you! With the next free weekend and some duckduckgoing I should be able to implement this.