sudo -i
cd /config
mkdir openvpn
chmod 777 openvpn
cd /openvpn
vi nordvpnauth.txt
Enter following 2 lines replacing with your details:
username
password
esc :wq
change 'auth-user-pass' to 'auth-user-pass /config/openvpn/nordvpnauth.txt'
change 'pull' to 'route-nopull'
exit # sudo
sudo -i
configure
set interfaces openvpn vtun0 config-file /config/openvpn/us1437.nordvpn.com.udp1194.ovpn
set interfaces openvpn vtun0 description 'US OpenVPN tunnel'
commit
set service nat rule 5001 description 'Route US OpenVPN clients'
set service nat rule 5001 log disable
set service nat rule 5001 outbound-interface vtun0
set service nat rule 5001 source address 192.168.99.0/24
set service nat rule 5001 type masquerade
set service nat rule 5002 description 'Route all other clients'
set service nat rule 5002 log disable
set service nat rule 5002 outbound-interface eth0
set service nat rule 5002 source address 192.168.1.0/24
set service nat rule 5002 type masquerade
set protocols static table 1 interface-route 0.0.0.0/0 next-hop-interface vtun0
commit
set firewall modify OPENVPN-US rule 5001 description 'Allow US clients to access vtun0'
set firewall modify OPENVPN-US rule 5001 source address 192.168.99.0/24
set firewall modify OPENVPN-US rule 5001 modify table 1
commit
set interfaces ethernet eth1 vif 100 firewall in modify OPENVPN-US
commit
save
exit # configure
exit # sudo
mca-ctrl -t dump-cfg > config.gateway.json
remove unwanted sections and save
show interfaces
show nat rules
show interfaces openvpn detail
show firewall modify statistics
configure
set interfaces openvpn vtun0 disable
commit
delete interfaces openvpn vtun0 disable
commit