Jump to content
Not connected, Your IP: 3.145.12.100
FlyByWire

Setting up VPN on my Asus router with Merlin

Recommended Posts

Hi there,

 

I just tried to setup the VPN on my Asus router according to the guide from the "how-to". Problem is when I change the DNS setting to manual and put in 10.4.0.1 and as second a server from open NIC I can't get any connection anymore. Wheter VPN is switched on or off?!

Where is the mistake?

 

I'm running the Asus behind a fiberwire Modem.

 

regards,

 

Holger

Share this post


Link to post

Use Asus Merlin firmware and don’t concern yourself with DNS except to select exclusive for the DNS option in the OpenVPN client setup.

Share this post


Link to post

I am presuming from your title you're already running Merlin.  I went to Merlin from a rather old Asus FW, so it was a big change for me.

 

I'm not sure my setup is perfect, but it seems to work.  I use a OpenNIC project DNS server as my secondary....honestly don't recall if I had tried with Merlin using only the 1 DNS server.

 

My understanding is for the "Accept DNS Configuration" option, that 'Strict' will add your manual DNS in addition to anything provided by the OpenVPN server (or ISP if you don't configure DNS manually) and 'Exclusive' will only use DNS provided by the OpenVPN server.

 

For DNS I have it set as follows:

Connect to DNS Server automatically --> No

DNS Server1 --> 10.4.0.1

DNS Server2 --> <one from OpenNIC project>

 

And for the VPN settings, I use:

Description --> fill in as you wish

Start with WAN --> yes

Interface Type --> TUN

Protocol --> UDP

Firewall --> Automatic

Authorization Mode --> TLS

Username/Password Authentication --> No

TLS control channel secutiry --> Outgoing Auth (1)

Auth digest --> Default

Create NAT on tunnel --> Yes

...

Accept DNS configuration --> Strict

Cipher Negotiation -> Enable (with fallback)

Legacy/fallback cipher --> AES-256-CBC

Compression --> None

...

Redirect Internet Traffic --> Policy Rules

Block routed clients if tunnel goes down --> Yes

 

Rules for routing client traffic through the tunnel:

Description | Source IP       | Destination IP | Iface

All IPs     | 192.168.1.0/24  | 0.0.0.0        | VPN

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...