In parts 1, 2 and 3 of this article, I explained what a VPN is, the reasons to put a VPN on a router, equipment concerns, how to add a VPN client to a router, what modifications to make to the default settings, how to create rules to get traffic to the VPN client, and how to manually assign an address to a device on the network. In this article, I will cover creating rules to bypass the VPN client based on both devices and websites.
Create Device Bypass Rules
I do not need streaming devices to go through the VPN. Some applications on my streaming devices do not work with VPNs. Also, the VPN speeds are slower and cause unnecessary calculations on the router’s CPU. I also do not want my smart TVs to go through the VPN. My son has an Xbox, and going through the VPN could impact his gaming. Therefore, I will create rules to bypass the VPN client for the above-mentioned devices.
My son’s Xbox is at IP address 192.168.81.190. On my network, I have assigned all streaming devices IP addresses in the 192.168.81.160-192.168.81.169 range. I have assigned all smart TV devices IP addresses in the 192.168.81.170-192.168.81.179 range. Therefore, I will create rules to direct IP addresses 192.168.81.160-192.168.81.179 to go through the wide area network (WAN) instead of the VPN client.
Creating A Bypass Rule For A Single Device
For my son’s Xbox (IP address 192.168.81.190), I will create the following rule (use the same procedure I used to create a rule previously). However, in the Interface field, I am going to select WAN instead of the VPN client. This will direct all traffic for the Xbox to go through the wide area network.
Creating A Bypass Rule For Multiple Devices
I could create twenty rules to bypass the VPN for my streaming devices and smart TVs, but since their IP addresses exist in the sequential range 192.168.81.160-192.168.81.179, I will use CIDR notation again. Using the CIDR calculation site, I can create two rules to cover these twenty IP addresses: 192.168.81.160/28 and 192.168.81.176/30.
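The same calculation can be done offline and then checked, so that the bypass rules match the twenty addresses and nothing else (a block that is too wide would quietly send other devices around the VPN). This is an added example, not part of the original article; the helper names `range_to_cidrs` and `audit_rules` are made up for illustration, and the rule sets in the demo are constructed.

```python
import ipaddress

def range_to_cidrs(first, last):
    """Smallest list of CIDR blocks covering first..last exactly."""
    nets = ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))
    return [str(n) for n in nets]

def audit_rules(cidrs, first, last):
    """Compare what the rules match with the intended bypass range.

    Returns (missed, extra): addresses in the range that no rule matches
    (still sent to the VPN), and addresses a rule matches outside the
    range (sent to the WAN without that being intended).
    """
    lo = int(ipaddress.IPv4Address(first))
    hi = int(ipaddress.IPv4Address(last))
    wanted = {ipaddress.IPv4Address(i) for i in range(lo, hi + 1)}
    matched = set()
    for cidr in cidrs:
        # strict=True raises ValueError if host bits are set (a mistyped block)
        matched.update(ipaddress.ip_network(cidr, strict=True))
    return sorted(wanted - matched), sorted(matched - wanted)

if __name__ == "__main__":
    first, last = "192.168.81.160", "192.168.81.179"   # range from the article
    print(range_to_cidrs(first, last))
    # Constructed rule sets: the article's pair, one over-broad block, one rule forgotten
    for rules in (["192.168.81.160/28", "192.168.81.176/30"],
                  ["192.168.81.160/27"],
                  ["192.168.81.160/28"]):
        missed, extra = audit_rules(rules, first, last)
        print(rules, "missed:", len(missed), "extra:", len(extra))
```

The /28 covers .160 through .175 and the /30 covers .176 through .179; a single /27 would also match .180 through .191.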
Creating A Bypass Rule For Websites
There may be websites that do not run correctly if they go through a VPN. The good news is that most websites run fine. I have only encountered two websites that do not run correctly with a VPN. Also, I may have a website that needs to be run from a certain country. To have a website bypass the VPN client or to redirect it to a different VPN client, I need to create a rule. To create a rule, I need to know the IP address the website’s domain points to. Suppose DCT will not run correctly through a VPN (by the way, it runs fine). I would need to know its IP address, which I can find at an IP lookup site. Entering the www.davescomputertips.com domain, I get the IP address of 67.202.70.109 (if it were a range of addresses, I could use CIDR notation to create a rule covering the IP ranges).
In the Interface field, I am going to select WAN instead of the VPN client. This will direct all traffic for the DCT website to go through the wide area network. Since the website is external to my network, I will leave the Local IP field blank and enter the IP address in the Remote IP field.
The Bottom Line
A VPN is an encrypted tunnel between a client and a server. There are many reasons to use a VPN. One of these is to increase privacy (the reason I added a VPN client to my network). Creating a VPN router has benefits. The main benefit is that internet traffic for all devices on the network goes through the VPN router. This article describes how to add a VPN client to a router and how to bypass or redirect that traffic using rules for devices and websites. Assuming you have equipment that allows you to create a VPN client, you can create a VPN router. Let me know in the comments if you have any questions.