I would like to set up a hotspot for free public access on many RUT955 routers. The traffic should route through the mobile network (4G). But in order to manage the devices easily, I would like to give them separate VPN access to our network, which is only for remote management HTTP access. I do not want the internet traffic to route through our VPN server.
My motivation is to not overload the VPN server unnecessarily with the traffic of many hotspot users but still have a way to configure the devices remotely. Also, I am not sure if my mobile provider will allow me to attempt connecting to my device (ports open?). Besides, I am not sure if it is secure to enable remote access over the internet.
I wonder if there is any way to configure this?
So I tried to configure the firewall to separate OpenVPN from the rest of the network. I turned all forwarding to and from the openvpn zone.
But the moment I enable the OpenVPN client connection again, these settings are reintroduced. This disables the hotspot Wi-Fi and all internet routing. But I can access the router from the same subnet (from a PC also connecting to the same OpenVPN server) to revert the settings, after which I have to reboot the router to connect via Wi-Fi or LAN.
PS: I have a second Wi-Fi network with WPA2/PSK in order to have access to the management system, which is closed off for the hotspot wireless network.
FW Version: 07.06
Edit: I had to solve an IP conflict issue. Now all my traffic routes through the VPN, meaning clients get internet access over the VPN. However, I am still not able to prevent this from happening.