peacey
commented
1 year ago Hi @signed2,
Sure I can help you debug this. So I can understand the full picture, I'm guessing you are forcing 192.168.0.10 through the VPN, but want to port forward a specific WAN port and that port shouldn't go through the VPN. In that case, your configuration looks correct and it should work, but can I see your full vpn.conf file?
So we can debug it, let's try a few things,
With the port forward rule active and the EXEMPT rule in vpn.conf active, run the following tcpdump on the UDM in SSH,
tcpdump -ni any port 443 and udpThen, try to access the port externally from the WAN (not LAN) and show me the output of the tcpdump.
As for how to cycle the VPN rules, you just need to bring down the VPN and back up again, you don't have to restart the whole console. How depends on which VPN type you're using, so if you give me your full vpn.conf, I can tell you the proper commands to restart the VPN.
Thanks!
signed2
Hi Peacey,
I hijack this topic from @jooost pls see reference in bottom..
I have problem to port forward from wan to local IP.
I can see by a port checker that a certain port is open when I enable it in udm pro firewall, and likewise I can see that the port is closed when I disable the rule. With port forward rule turned on I'm failing to reach to the final destination even when vpn.conf is configed as follow: EXEMPT_SOURCE_IPV4_PORT="udp-192.168.0.10-443" I have tried EXEMPT_SOURCE_MAC, without success.
And a newbie question, do I need to restart console everytime I change the vpn.conf file? So far I hade done it, but there might be a faster way to "kick in" the vpn.conf - or if its up and running when it's saved?
Can you please help me out and debug? Once again, please let me know if there is any way to make a donation!
Thank you,
Originally posted by @signed2 in https://github.com/peacey/split-vpn/issues/170#issuecomment-1622322567