subscribe to our Youtube


14455 questions

17168 answers


0 members

We are migrating to our new platform at Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.
0 votes
380 views 6 comments
by anonymous

Dear All,

I would like to configure my RUT950 as follow:

  1. All traffic from one WIFI SSID (LAN route to L2TP VPN  
  2. All traffic from second WIFI SSID(LAN route to mobile wan

I am using the latest firmware RUT9_R_00.07.02.3   

Can you help me with configuration because I am struggling with the setup.

I have created two WIFI SSID with separate networks but i have an issue how to route the traffic.

Kind regards and thank you in advanced,


1 Answer

0 votes
by anonymous


It can be done by either configuring static routes or a vpn-policy-routing package. 
For an easier way, You can use VPN based routing policy package. This package allows you to configure the routes with a simple series of commands. You can refer to the below link, which shows the OpenVPN traffic splitting using this package:

While configuring this, just change the network addresses to ones that you have configured and also change the name of interface="VPN", to your l2tp instance's name


Best answer
by anonymous

thanks for your answer.

How my command will be look for my setup?

SSID LAN L2TP - route all traffic including

Name of the connection is "DE"

And how I can delete or disable or edit rule in case of need?

Thank you so much,

by anonymous

In your case, it will be like this below (please issue all the commands one by one):

uci set vpn-policy-routing.config.enabled="1"

while uci -q delete vpn-policy-routing.@policy[0]; do :; done

uci add vpn-policy-routing policy

uci set vpn-policy-routing.@policy[-1].dest_addr=""

uci set vpn-policy-routing.@policy[-1].interface="ignore"

uci add vpn-policy-routing policy

uci set vpn-policy-routing.@policy[-1].src_addr=""

uci set vpn-policy-routing.@policy[-1].interface="DE"

uci commit

/etc/init.d/vpn-policy-routing restart

These configurations are executed through UCI commands. To delete any rule/command, you can use UCI delete attribute for that specific rule. For example, if added ntp server using UCI command as below:

uci add_list system.ntp.server=''

This can be deleted via the UCI delete command:

uci delete system.ntp.server

For more information about UCI commands, please visit the below link:



by anonymous


Thank you for your help.

I just tried your command but i replaced uci set vpn-policy-routing.@policy[-1].src_addr="" with 

because i want to route internet via l2tp vpn. I already added static route and i can ping the subnet

Actually your command is doing the same but i need to route internet traffic.

When i do this internet from is also routed to the vpn what i dont want.

How i can fix this?


by anonymous

I mistyped the address in the above comment. Network should not be there in your case. Please refer to the above-edited comment once again and let me know if it works for you or not.

Any device connected to will go through an L2TP VPN tunnel and networks device will go through mobile WAN.
by anonymous
Hi, thanks so much its working now. I have one more issue now I can reach from the network

but I cannot do it reverse from I cannot see for example10.10.21.1. I added route on my server router.

Thanks for your help.

by anonymous
I think you can reset the device and reconfigure everything again because was mistyped by me and it is still affecting the current configurations of the network. OR are you using network? if not, then it's better to reset the device and reconfigure everything again.