WR21, how to use NTP through IPsec tunnel

Trying to set up NTP service with a server located on the inner network, connected through the ipsec tunnel. When connected to the wr21 on the physical ethernet port, tunneled network is available, but when trying to ping it from wr21 cli interface, packets go through ppp1 interface avoiding the tunnel. How do i set up routing for inner services like NTP to use tunnel not ppp1 interface? Advice please.

there are 2 ways to do this

  1. use the sockopt options and set them to the ethernet interface that matches the VPN network selectors (so eth 0)

all traffic from the router services will then use the eth 0 as the source address

  1. if you only want 1 or 2 services to work use the firewall to translate the source address this would then match the traffic for the vpn

pass out on ppp 1 from addr-ppp 1 to x.x.x.x port=123 -> addr-eth 0

if you which to ping a device over the vpn from the router

ping x.x.x.x -e0

this uses the source address of eth 0 and should match the vpn tunnel