I’m curious how others are handing the need to switch routing of LAN traffic on-demand towards a VPN tunnel. I use unifi networking gear here, and want to be able to push traffic from maybe a specific device, or all LAN devices through a VPN tunnel. I’m comfortable deploying wireguard or using Unifi’s VPN platform.
But I’m struggling to get how others are managing the routing changes needed? Obviously I don’t want all traffic going through the VPN 100% of the time. Only when I want traffic to route that way. I imagined a switch I can toggle on the lovelace UI which allows a script or automation to fire.
Thanks Chris. So am I right in assuming your default gateway is a router loaded with OpenWRT? And that your CC is calling OpenWRT, enabling the OpenVPN component, pushing all traffic through that VPN tunnel?
The reason I ask is because I have a router in the attic I could put OpenWRT onto. That would allow me to still use your CC, making it the default gateway for just the devices I want to enable for this feature. I could configure Unifi to have a specific VLAN with this configuration in place.
Yes, all of my outgoing traffic goes through an OpenWRT router.
You can have multiple OpenVPN profiles on OWRT, and, depending on the need, I enable or disable them on the router.
The CC create 1 switch per profile, so that I can enable/disable the tunnels from HA.