I followed the next tutorial:
https://support.surfshark.com/hc/en-us/ ... with-IKEv2
Code: Select all
/ip firewall address-list
add address=192.168.1.0/24 comment="Toda la red por la vpn" disabled=yes list=\
DIREPORVPN
/ip firewall nat
add action=accept chain=srcnat comment=\
"Acepto conexion desde las dirreciones DIREPORVPN a 192.168.10.0" \
dst-address=192.168.10.0/24 src-address-list=DIREPORVPN
add action=accept chain=srcnat comment=\
"Acepto conexion desde las dirreciones DIREPORVPN a 192.168.1.0" \
dst-address=192.168.1.0/24 src-address-list=DIREPORVPN
add action=masquerade chain=srcnat comment=ENMASCARAMIENTO out-interface=\
pppoe-out1
add action=redirect chain=dstnat comment="REDIRRECION DNS 53" disabled=yes \
dst-port=53 in-interface=bridge1 protocol=udp
add action=dst-nat chain=dstnat comment="Home Assistant" dst-port=443 \
in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.10.2 to-ports=\
8123
add action=dst-nat chain=dstnat comment="PUERTA INDEPENDIENTE" dst-port=3460 \
in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.10.20 to-ports=80
add action=dst-nat chain=dstnat comment=OctoPrint dst-port=3000 in-interface=\
pppoe-out1 protocol=tcp to-addresses=192.168.10.2 to-ports=5000
add action=dst-nat chain=dstnat comment="Home Assistant" dst-port=8123 \
in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.10.2 to-ports=\
8123
add action=dst-nat chain=dstnat comment="Escritorio Remoto Raspberry" dst-port=\
3389 in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.10.2 \
to-ports=3389
add action=masquerade chain=srcnat comment=\
"Assistant, Mosquitto SNAT LOOPBACK PARTE 1" dst-address=192.168.10.2 \
dst-port=8123,8883 out-interface=bridge1 protocol=tcp src-address=\
192.168.1.0/24
add action=dst-nat chain=dstnat comment=\
"Assistant, Mosquitto DNAT LOOPBACK PARTE 2" dst-address=!192.168.10.0/24 \
dst-port=8123,8883 protocol=tcp to-addresses=192.168.10.2
add action=dst-nat chain=dstnat comment="Letsencrypt DNAT LOOPBACK PARTE 3" \
dst-port=80 in-interface=pppoe-out1 protocol=tcp to-addresses=192.168.10.2 \
to-ports=81
add action=masquerade chain=srcnat disabled=yes dst-address=192.168.2.1 \
dst-port=32400 out-interface=bridge1 protocol=tcp src-address=\
192.168.2.0/24
/ip ipsec policy
add disabled=yes dst-address=192.168.1.0/24 group=ESSF proposal=ESSF \
src-address=0.0.0.0/0 template=yes
add disabled=yes dst-address=192.168.10.0/24 group=ESSF proposal=ESSF \
src-address=0.0.0.0/0 template=yes
add dst-address=0.0.0.0/0 group=ESSF proposal=ESSF src-address=0.0.0.0/0 \
template=yes
/ip proxy
set cache-administrator=""
Can I somehow exclude netflix from my vpn with surfshark? Since I really wouldn't mind.
If you have any other suggestion do not hesitate to say it. Thank you!