peacey / split-vpn

A split tunnel VPN script for Unifi OS routers (UDM, UXG, UDR) with policy based routing.
GNU General Public License v3.0

local traffic cannot reach inter vlans #192

Open foxswat opened 1 year ago

foxswat commented 1 year ago

Thank you for this great utility!

I've successfully configured it on my UDMP and specified VPN for one device under one VLAN. After the device connects to the VPN, I can no longer reach this device locally via SSH. Is that expected behavior? Below is my VLAN config:

root@UDMPRO:~# netstat -r
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
10.10.10.0      0.0.0.0         255.255.255.0   U         0 0          0 br10
{WAN_IP}     0.0.0.0         255.255.254.0   U         0 0          0 eth9
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 br0
{used for Adguard}     0.0.0.0         255.255.255.0   U         0 0          0 br5

My vpn.conf content:

...
FORCED_SOURCE_INTERFACE=""
FORCED_SOURCE_IPV4="10.10.10.67/24"
FORCED_SOURCE_IPV6=""
FORCED_SOURCE_MAC=""
...

The WAN traffic of 10.10.10.67 is routed over the VPN as expected, but I cannot reach it locally from another device (192.168.1.13) in the br0 VLAN. Did I miss some settings?

peacey commented 1 year ago

Hi @foxswat,

By default, all traffic from the VPN-forced devices goes out the VPN for security purposes, so your return traffic isn't making it back to the other VLAN. You'll need to add any other VLANs you want to be able to communicate with to the EXEMPT_DESTINATIONS_IPV4 variable.

So just set this in your vpn.conf and it should fix it:

EXEMPT_DESTINATIONS_IPV4="192.168.1.0/24"

Also, unrelated, but did you mean to force the entire 10.10.10.0/24 network through the VPN or only the 10.10.10.67 device? Because as you have it right now you are forcing the entire subnet. You should change FORCED_SOURCE_IPV4 to 10.10.10.67/32 if you only wish to force the one device and not the entire subnet.
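As an added illustration (this is not code from the split-vpn project and does not reproduce its actual routing rules), the following Python snippet models the policy described above: a packet is sent out the VPN when its source matches FORCED_SOURCE_IPV4 and its destination does not match EXEMPT_DESTINATIONS_IPV4, otherwise it follows the router's normal route. It assumes both variables hold whitespace-separated IPv4 CIDRs, and it uses the addresses from the issue plus a constructed external address from the 203.0.113.0/24 documentation range. Running it shows why SSH from 192.168.1.13 breaks (the reply leaves via the VPN), why the exemption fixes it, and how many hosts a /24 versus a /32 actually forces.

```python
import ipaddress
from typing import Dict, List, Union


def _parse_list(value: str) -> List[ipaddress.IPv4Network]:
    """Parse a whitespace-separated list of IPv4 CIDRs (assumed vpn.conf format).

    strict=False lets a host-with-mask value such as 10.10.10.67/24 be read as
    the network 10.10.10.0/24, which is exactly the over-broad match the
    maintainer warns about.
    """
    return [ipaddress.ip_network(tok, strict=False) for tok in value.split()]


def route_for(src: str, dst: str, forced_source_ipv4: str, exempt_destinations_ipv4: str) -> str:
    """Simplified model of the decision: 'vpn' when the source is forced and the
    destination is not exempt, 'normal' (main routing table) otherwise."""
    s = ipaddress.ip_address(src)
    d = ipaddress.ip_address(dst)
    forced = any(s in net for net in _parse_list(forced_source_ipv4))
    exempt = any(d in net for net in _parse_list(exempt_destinations_ipv4))
    return "vpn" if forced and not exempt else "normal"


def diagnose(forced_source_ipv4: str, exempt_destinations_ipv4: str,
             device: str = "10.10.10.67", peer: str = "192.168.1.13") -> Dict[str, Union[str, bool]]:
    """Check both directions of an SSH session from `peer` to `device`.

    The request direction is fine (the peer is not a forced source); the reply
    from the forced device is what gets pushed out the VPN and never returns.
    """
    request = route_for(peer, device, forced_source_ipv4, exempt_destinations_ipv4)
    reply = route_for(device, peer, forced_source_ipv4, exempt_destinations_ipv4)
    return {"request": request, "reply": reply,
            "ssh_works": request == "normal" and reply == "normal"}


def forced_host_count(forced_source_ipv4: str) -> int:
    """Number of addresses a FORCED_SOURCE_IPV4 value actually covers."""
    return sum(net.num_addresses for net in _parse_list(forced_source_ipv4))


if __name__ == "__main__":
    external = "203.0.113.10"  # constructed public address (TEST-NET-3)
    # Configuration as originally posted: /24 mask, no exemptions.
    print("original:", diagnose("10.10.10.67/24", ""))
    print("hosts forced by /24:", forced_host_count("10.10.10.67/24"))
    # Configuration after the suggested fix: /32 host plus LAN exemption.
    print("fixed:", diagnose("10.10.10.67/32", "192.168.1.0/24"))
    print("hosts forced by /32:", forced_host_count("10.10.10.67/32"))
    # Internet-bound traffic from the device still takes the VPN after the fix.
    print("device -> internet:", route_for("10.10.10.67", external,
                                            "10.10.10.67/32", "192.168.1.0/24"))
    # Another host in the same VLAN is no longer forced once the mask is /32.
    print("10.10.10.5 -> internet:", route_for("10.10.10.5", external,
                                                "10.10.10.67/32", "192.168.1.0/24"))
```

The model deliberately evaluates each direction separately, since the asymmetric reply path is what the symptom in this issue comes from; the request from the br0 host reaches the device, and only the device's answer is diverted.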