nestegg101 3 Posted ... This issue occurs with the latest Asus-Merlin firmware 386.5 as well as recent betas and the previous version. When 10.4.0.1 is entered for the first DNS entry and an alternative DNS IP used for the secondary entry under the [WAN] tab, the router detects that the Internet is Disconnected. This is following the AirVPN How-to tutorial at Using AirVPN with Asus router However, if any of the preset DNS entries for Server 1 were used (using the dropdown menu), the router's Internet Status shows properly connected. Server 2 entry does not seem to matter. Would appreciate any help in this. Quote Share this post Link to post
go558a83nk 362 Posted ... for Asus merlin set WAN DNS to something other than the VPN DNS (10.4.0.1) and in the openvpn configuration set the DNS setting to exclusive. Then it'll switch to VPN DNS when the VPN connects. 10.4.0.1 won't work unless you're connected to VPN because 10.4.0.1 is only accessible through the VPN not from public. 2 Social_House and nestegg101 reacted to this Quote Share this post Link to post
nestegg101 3 Posted ... 17 hours ago, go558a83nk said: for Asus merlin set WAN DNS to something other than the VPN DNS (10.4.0.1) and in the openvpn configuration set the DNS setting to exclusive. Then it'll switch to VPN DNS when the VPN connects. 10.4.0.1 won't work unless you're connected to VPN because 10.4.0.1 is only accessible through the VPN not from public. Thanks. That explains and confirms my findings. Your prior reply to a similar problem has been hugely helpful in my search as well. That said, I am still puzzled by the reasoning behind AirVPN's advice to put 10.4.0.1 for WAN DNS as it seems that while it works partially (using IP instead of domain for AirVPN server), it breaks the router's Network monitoring function. Is there any justification for this? Quote Share this post Link to post
go558a83nk 362 Posted ... 1 hour ago, mazurka7 said: Thanks. That explains and confirms my findings. Your prior reply to a similar problem has been hugely helpful in my search as well. That said, I am still puzzled by the reasoning behind AirVPN's advice to put 10.4.0.1 for WAN DNS as it seems that while it works partially (using IP instead of domain for AirVPN server), it breaks the router's Network monitoring function. Is there any justification for this? *if* you're using IP address in the VPN server field instead of a domain then putting 10.4.0.1 in the WAN DNS setting might be OK. Because there's no domain to resolve the router doesn't need to reach 10.4.0.1 prior to connection. 1 nestegg101 reacted to this Quote Share this post Link to post
SerapheimZ 0 Posted ... Damn it this same issue was driving me frikkin crazy. I had to roll back to 386.3_2. The reasoning behind setting the DNS to Air's internal DNS is to create an extra layer of security for leaks in case of tunnel failure. It's actually quite popular. However, it causes some issues. Ex. if you use a domain name for NTP then VPN connection will fail after a reboot. I actually feel more secure with Air's DNS hardcoded in. Any thoughts? Quote Share this post Link to post
go558a83nk 362 Posted ... If you're using merlin asus and set the openvpn config in policy routing mode there's an option to not allow traffic if the VPN goes down. I'd use policy routing mode, set the DNS option in the openvpn config to exclusive and not put AirDNS in the WAN settings. 1 nestegg101 reacted to this Quote Share this post Link to post
nestegg101 3 Posted ... On 3/10/2022 at 7:55 AM, go558a83nk said: *if* you're using IP address in the VPN server field instead of a domain then putting 10.4.0.1 in the WAN DNS setting might be OK. Because there's no domain to resolve the router doesn't need to reach 10.4.0.1 prior to connection. Would you know why AirVPN do not provide their own public DNS servers for users instead of 10.4.0.1 and 10.5.0.1 unlike many other VPN providers? I'm just wondering whether there is some advantage to this approach. Quote Share this post Link to post
SurprisedItWorks 49 Posted ... 1 hour ago, mazurka7 said: Would you know why AirVPN do not provide their own public DNS servers for users instead of 10.4.0.1 and 10.5.0.1 unlike many other VPN providers? I'm just wondering whether there is some advantage to this approach. Of course the advantage is that 10.4.0.1 can only be reached over AIrVPN, meaning that all your DNS queries and replies are encrypted like everything else going over the VPN. The public DNS system uses queries and replies that are unencrypted, and in at least one country of some 330m population, the odds are high that queries are logged by your ISP so it can sell the log to advertisers. The Air approach is for your privacy. Quote Share this post Link to post
go558a83nk 362 Posted ... 20 hours ago, mazurka7 said: Would you know why AirVPN do not provide their own public DNS servers for users instead of 10.4.0.1 and 10.5.0.1 unlike many other VPN providers? I'm just wondering whether there is some advantage to this approach. I didn't know any VPN providers also have public DNS servers. Which ones do? Quote Share this post Link to post
Not connected, Your IP: 3.129.42.198
Online: 25191 users - 300366 Mbit/s total BW