moogleslam 0 Posted ... I'm trying to get my house set up so some devices are on VPN, and some are not. As I understand it, the easiest way to do this is by having a second router connected to the primary router, and have that second router set up for VPN devices, and the primary one for non-VPN devices. First of all, does AirVPN support this, and if so, is there a guide on how to set it up? The Router I currently have is a TP-Link Archer AC1750. What do I need to look for when purchasing a second router? Thanks! Quote Share this post Link to post
go558a83nk 380 Posted ... Just get an asus AC86 and run merlin firmware. With that you can do policy routing....routing some clients to the WAN and others through the VPN. No need for two routers. I recommend the AC86 because it has an AES-NI CPU so your openvpn speed should be satisfactory. Quote Share this post Link to post
moogleslam 0 Posted ... 35 minutes ago, go558a83nk said: Just get an asus AC86 and run merlin firmware. With that you can do policy routing....routing some clients to the WAN and others through the VPN. No need for two routers. I recommend the AC86 because it has an AES-NI CPU so your openvpn speed should be satisfactory. Apologies, most of that is a foreign language to me I don't need WiFi on the VPN Router; everything is hard wired. Is there a cheaper option? Quote Share this post Link to post
go558a83nk 380 Posted ... no cheaper option unless you want to be crippled by a poor CPU. Quote Share this post Link to post
moogleslam 0 Posted ... 2 hours ago, go558a83nk said: no cheaper option unless you want to be crippled by a poor CPU. Are you referring to using a single router solution? Is using a second router a cheaper option which wouldn't "cripple" anything? Do other VPN's offer more flexibility with router VPN solutions? Quote Share this post Link to post
go558a83nk 380 Posted ... Yes, you could use a single router and still have some devices go through the VPN and others not. I'm telling you, a cheap option will not be satisfactory with regard to speed. I'll not even entertain using another VPN provider. Quote Share this post Link to post
moogleslam 0 Posted ... 1 minute ago, go558a83nk said: Yes, you could use a single router and still have some devices go through the VPN and others not. I'm telling you, a cheap option will not be satisfactory with regard to speed. I'll not even entertain using another VPN provider. Speed in what terms? Download/Upload? If it makes a difference, the devices I want on the VPN are: 2 x Roku TV 1 x Roku Ultra 1 x Plex Server (Windows 10) Quote Share this post Link to post
moogleslam 0 Posted ... On 8/26/2019 at 11:43 AM, go558a83nk said: Just get an asus AC86 and run merlin firmware. With that you can do policy routing....routing some clients to the WAN and others through the VPN. No need for two routers. I recommend the AC86 because it has an AES-NI CPU so your openvpn speed should be satisfactory. I've been reading and understanding a little more about your recommendations. Considering what you suggested indeed. Would an RT-AC68U be sufficient, though? Quote Share this post Link to post
go558a83nk 380 Posted ... 3 minutes ago, moogleslam said: I've been reading and understanding a little more about your recommendations. Considering what you suggested indeed. Would an RT-AC68U be sufficient, though? What speed are you wanting through the VPN? The AC68U will struggle to do 30mbit/s. The AC86 can do on the order of 200mbit/s because of AES-NI. Quote Share this post Link to post
moogleslam 0 Posted ... 12 hours ago, go558a83nk said: What speed are you wanting through the VPN? The AC68U will struggle to do 30mbit/s. The AC86 can do on the order of 200mbit/s because of AES-NI. Per 4k streaming requirements, it looks like 25 mb/s is necessary, but if we're talking about potentially 2 or even 3 devices streaming at once, the AC68 might not cut it indeed. Quote Share this post Link to post
YLwpLUbcf77U 32 Posted ... Depending on your router, you should be able to flash DD-WRT to it and have VPN running in client mode. That way it will connect to the AirVPN server and any devices that connect to your router won't need to run AirVPN locally. You can also add exception lists so your streaming devices don't use the VPN and connect to the web directly (probably an issue for some geo-blocked streaming services). To add a whitelist (IP addresses you *want* to use the VPN client on the router, in DD-WRT on the Services -> VPN page, under the Policy based routing section, add "192.168.XXX.XXX/32" (XXX = the actual local IP of the device/computer). If this is done right, any IP's not on that list will connect to the web nakedly. Quote Share this post Link to post
moogleslam 0 Posted ... Hi guys, I've made some good progress: 1. Purchased and set up ASUS RT-AC86U 2. Flashed with latest Asuswrt-Merlin 3. Installed VPN on it via config files and tested. Success 4. Tested Policy Rules. Success My problem now is that my applications such as Amazon Prime & Netflix, running on a Roku TV, which I added to the policy to route through VPN, are being detected as running on the VPN, and are blocked. I've since tried using Obfuscated config files, but I cannot get the Service State to turn to ON when trying these. Is there an additional change in the router that's required with obfuscated configs, which was not required with the standard config files? Alternatively, I've read some stuff about setting up OpenVPN to run on TCP port 443 to solve this, but I'm not sure how, and am also concerned that it will be slower because it's not UDP. Can this be done on my router, rather than via software? Any solutions? Thanks! Quote Share this post Link to post
go558a83nk 380 Posted ... I don't know what's missing that you can't connect with tls-crypt configs. Make sure that: auth digest = sha512TLS control channel security = encrypt channel Getting those streaming services working has nothing to do with the above obfuscation but rather making sure your DNS isn't leaking. If DNS isn't leaking they still may be sniffing you out some other sneaky way or just blocking IP addresses of the VPN. To make sure DNS isn't leaking make sure the settingAccept DNS Configuration = exclusive Test for DNS leaks at ipleak.net Again, it doesn't matter to those streaming services what port and protocol you use . They just block IPs. Use UDP if you can. Only use TCP if your ISP heavily throttles UDP. Quote Share this post Link to post
moogleslam 0 Posted ... Checked the 3 things you listed, and had to change two; TLS control channel security and also Accept DNS Configuration. Tested with Amazon Prime, and no issues! Will test again with Netflix later tonight, and then I'll see if it helps avoid regional blackouts with a football game this weekend. Thank you so much! Quote Share this post Link to post
moogleslam 0 Posted ... I might have spoken too soon. It seems that TLS control channel security = Encrypt Channel is preventing my Router from connecting to the server. Service State will go to ON, but adjacent it just says "Connecting...", and it never gets to "Connected" Tried it with this setting set to Outgoing Auth (1), and it connects, but then Netflix detects the VPN again. Have tried Router reboots and different config files, but no success. Seeing this in the Log: Sep 13 17:35:26 ovpn-client1[8199]: TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) Sep 13 17:35:26 ovpn-client1[8199]: TLS Error: TLS handshake failed Sep 13 17:35:26 ovpn-client1[8199]: SIGUSR1[soft,tls-error] received, process restarting Sep 13 17:35:26 ovpn-client1[8199]: Restart pause, 5 second(s) Quote Share this post Link to post
the1lemming 4 Posted ... Hello, I think that I may have come to this party late. I live in the UK and my ISP is Virgin Media who gave me a free Cable WiFi Router (ADSL). Sadly this router can not be used as a VPN Client so I bought a Linksys WRT 1900ACS router (DSL). The Linksys Router is a router designed for a telephone line and not a Cable router. This meant that I had to turn the free Virgin Media Cable Router into a modem. I then connected my Linksys Router to the Virgin Media Router. From this point all my network and internet connections went through the Linksys Router. I then followed the AirVPN How-To walk-through tutorial to set up my Linksys Router. Once I followed the tutorial, everything in my home went through the VPN. I did not have to worry about what or where the kit was and I did not have to do anything to the kit other than connect it to my Linksys Router. And the best bit about my choice of Linksys Router is that I get impressive encryption speeds which can easily hit 200mbps, provided I pay for those speeds. I am only limited by which VPN server I point my Linksys Router at and how much I am willing to pay to my ISP for their speed packages. I just open a Command Prompt and type the magic words nslookup gb.all.vpn.airdns.org dns1.airvpn.org If I want another country then I replace the letters gb for Great Britain with another country like the Netherlands with nl nslookup nl.all.vpn.airdns.org dns1.airvpn.org Long story short I use a Linksys Router which is flashed with DD-WRT firmware and I then use the Router as a VPN client for everything within my home. Quote Share this post Link to post
bluesjunior 48 Posted ... Which version of the Virgin Superhub are you running in modem mode?. There are a lot of complaints both here and at the Virgin support forums on a reduction in broadband speed via VPN since the introduction of the superhub v3.0 to replace the superhub v2.0ac. Although I now have a reasonable download speed with my superhub v3.0 in modem mode running through a Linksys EA7500 router it was much better with my previous v2.0ac version and I personally wish I hadn't changed it out. Quote Share this post Link to post