A VPN is currently defined (and this is the simple definition) as if you were plugged into that other network. Your other connections SHALL fail because of how VPNs work.
I run into folk all the time that want a broken VPN that allows local network connections and the VPN.
If you ever see this, that's not a VPN.
Here is my scenario:
ROUTER1: is a router/modem combo and connects to the internet through the ISP phone line.
Does not support dd-wrt firmware, so the need for a second router.
ROUTER2: just a router only, connects to the WAN port of Router1 to get to the internet, flashed with dd-wrt for VPN client support.
ROUTER_1 INTERNAL IP: 192.168.1.1, DHCP is enabled.
ROUTER_2 INTERNAL IP: 192.168.2.1, GATEWAY: 0.0.0.0, DNS: 0.0.0.0.
ROUTER_2 EXTERNAL IP: 192.168.1.20, GATEWAY: 192.168.1.1, DNS: from VPN provider.
PC1 INTERNAL IP: 192.168.2.102, GATEWAY: 192.168.2.1, DNS: from VPN provider.
PC2 INTERNAL IP: 192.168.2.103, GATEWAY: 192.168.2.1, DNS: from VPN provider.
DHCP IS DISABLED ON ROUTER2 SO EVERYTHING IS STATIC
VPN (OpenVPN client) is INSTALLED ON Router2 through the command line.
Now PC1 & PC2 can connect to the wireless SSID of Router2 and the VPN works on them all.
PORT FORWARDING ON PC1 & PC2 FOR EXTERNAL SERVICE TO ACCESS THEM
Everything works well without the VPN, but once I turn on the VPN I lose access to the port.
The vpn provider said the problem has nothing to do with their service.
I did as advised here http://www.dd-wrt.com/phpBB2/viewtopic.php?p=707694&sid=781f956c7bdd025e69e0a4a1659b9499
and it still failed.
Here is what I executed on the dd-wrt console for PC1:
iptables -t nat -I PREROUTING -i ath0 -p tcp --dport 2300 -j DNAT --to-destination 192.168.2.102
iptables -I FORWARD -p tcp -d 192.168.2.102 --dport 2300 -j ACCEPT
and I still can't see the service.
Please, any help to make it work would be appreciated.