Jump to content
Not connected, Your IP: 34.207.137.245
Similiar

Asus Merlin Router AirVPN Setup instructions

Recommended Posts

Posted ... (edited)

Following this Thread, i buyed the Asus RT-AC86U (AC2900).

 
Instead of putting my result into the previous thread i create this one because others may have the same issues as me with it and i also really didnt find a step to step thread for the Merlin Firmware.


1. First of all, if you want to use AirVPN within your router make sure your Routers CPU has hardware support for AES. Because if it doesnt you most probably end up with low Internet speed and the CPU will have a hard time en/decrypting all the Traffic. Saddly i couldnt find a list that shows which router has hardware AES support and which doesnt. But i found a couple of threads over the internet saying the RT-AC86U (AC2900) has it (e.g. https://www.skadligkod.se/vpn/vpn-speedtest-asus-rt-ac86u-merlin-firmware/). Beaware this is a WAN router in case you think of buying it (https://www.asus.com/us/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AC86U/).

2. It is recommended that you install the Asus Merlin Firmware on your Router because AsusWRT own VPN implementation maybe doesnt really utilize the CPU's AES Hardware feature and the OVPN implementation is outdated. (https://www.asuswrt-merlin.net/) (https://sourceforge.net/projects/asuswrt-merlin/files/).

3. After installing the Merlin Firmware check that your router has a connection to the internet.

4. Follow the first step from here (link below) regarding the Config generation. " 1. Create configuration files from our Config Generator. Select [Router or others] and choose a server you like. Tick on [Direct, protocol UDP, port 443] and click on [Generate]. Save the openvpn config file .ovpn (Ex: AirVPN__UDP-443.ovpn) anywhere on your computer. "
 
5. Open the IPv6 Tab in your Router and enable it. Only If you dont have IPv6 or just cant make it working then open up the downloaded .ovpn file you created with the Config Generator and modify it.
Regarding this Thread (link below) you can add these lines to the Config:
Quote

pull-filter ignore "dhcp-option DNS6"
pull-filter ignore "tun-ipv6"
pull-filter ignore "ifconfig-ipv6"

You maybe also have to remove this line
Quote
setenv UV_IPV6 yes
 
6. Then head to the "VPN" tab in your Router and open the "VPN Client" Tab. Note: The Merlin Firmware vpn implementation is much more complex compared to the AsusWRT.
Click "Import .ovpn file" and select the .ovpn file you got from the Config generator. Click the "Upload" button besides it. Wait a second and the Window will refresh.

7. Click the "Apply" Button on the bottom. And then toggle the Service State button.

8. If everything is fine you see a "Connected (local xxxx - public xxxx)" besides it.
Search for "my ip" and check that it isnt yours. If so then head to a internet speedtest like speedtest.net and run a test.

9. You can modify the router setting to your will now. Just return to the previous state if it stops working. I cannot tell you the most recommended or safest settings.

Troubleshooting.
When messing around alot you may end up with a bugged environment and even if your seup is right and should working it could still end up not working.
In my case i had the issue that the ovpn implementation couldnt add the subnet from AirVPN. It showed me a specific error that it couldnt add a tunnel. And i figured that it couldnt because the router already had it setup from previous attempts. In this case it helped to just restart the Router. Edited ... by Similiar

Share this post


Link to post
@Similiar

Hello!

if your router CPU does not support AES-NI (New Instructions) you may enhance performance by using CHACHA20-POLY1305 cipher on the Data Channel. It's supported by all AirVPN servers and requires OpenVPN 2.5 or higher version.

Kind regards
 

Share this post


Link to post

As of Version 386.2_6 of Asus Merlin the OpenVPN version is updated to 2.5.2. So as @Staff said change the cipher in the .ovpn file if AES doesnt work well.
from

Quote
cipher AES-256-CBC
to
Quote
cipher CHACHA20-POLY1305

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...