Asus 86u OpenVPN issue

[mikeyg76 0]

Good afternoon,

 

i have having the following issue, on my old ASUS 68u running merlin i was able to add as many clients to my VPN redirect list. I am having the issue right now that on my Asus 86u that only 6 clients can be routed on VPN. I have around 10 IP's i would like to not hit my VPN, but for some reason only 6 will be excluded. I have all ten listed, but only 6 will show as being excluded. Thanks

 

Nov 24 14:18:32 openvpn-updown: Forcing 192.168.50.0/24 to use DNS server 10.18.252.1

Nov 24 14:18:32 openvpn-updown: Excluding 192.168.50.76 from forced DNS routing

Nov 24 14:18:32 openvpn-updown: Excluding 192.168.50.10 from forced DNS routing

Nov 24 14:18:32 openvpn-updown: Excluding 192.168.50.157 from forced DNS routing

Nov 24 14:18:32 openvpn-updown: Excluding 192.168.50.129 from forced DNS routing

Nov 24 14:18:32 openvpn-updown: Excluding 192.168.50.184 from forced DNS routing

Nov 24 14:18:32 openvpn-updown: Excluding 192.168.50.20 from forced DNS routing

Nov 24 14:18:32 rc_service: service 12754:notify_rc updateresolv

Nov 24 14:18:37 ovpn-client2[12597]: /bin/ip route add 46.21.151.106/32 via 47.208.228.1

Nov 24 14:18:37 ovpn-client2[12597]: /bin/ip route add 0.0.0.0/1 via 10.18.252.1

Nov 24 14:18:37 ovpn-client2[12597]: /bin/ip route add 128.0.0.0/1 via 10.18.252.1

Nov 24 14:18:37 openvpn-routing: Configuring policy rules for client 2

Nov 24 14:18:37 ovpn-client2[12597]: Initialization Sequence Completed

[Kenwell 9]

I've this exotic setup before, its a false/positive, meaning your excluded static ip range is going through your wan, unfortunately it doesn't show up in the list: Excluding. You can test every excluded device on Ipleak/whatsmyip to see if they are of the game. The Why Question needs to be answered by Merlin.

 

my 2 cents

[mikeyg76 0]

I've this exotic setup before, its a false/positive, meaning your excluded static ip range is going through your wan, unfortunately it doesn't show up in the list: Excluding. You can test every excluded device on Ipleak/whatsmyip to see if they are of the game. The Why Question needs to be answered by Merlin. my 2 cents

 

 

 

Update :Alright so i did a test and added another iphone to the excluded list, even though it will not show up on my system log i can confirm that it shows my true IP, but it still shows VPN's DNS. On the first 6 on the list, nothing shows but my true information, allowing those 6 to access the sites i want them to, on the rest they show my true ip. but vpn's dns which causes me not to be bale t visit the sites i want, which means to me that there is a issue.

[mikeyg76 0]

Here is a updated system log, it appears to show that upto .129 the router is routing the DNS, after that it stops even though it shows the next two going through the WAN, they should also be getting DNS routing.

Nov 26 12:44:50 openvpn-updown: Forcing 192.168.50.0/24 to use DNS server 10.26.124.1
Nov 26 12:44:50 openvpn-updown: Excluding 192.168.50.165 from forced DNS routing
Nov 26 12:44:50 openvpn-updown: Excluding 192.168.50.10 from forced DNS routing
Nov 26 12:44:50 openvpn-updown: Excluding 192.168.50.76 from forced DNS routing
Nov 26 12:44:50 openvpn-updown: Excluding 192.168.50.20 from forced DNS routing
Nov 26 12:44:50 openvpn-updown: Excluding 192.168.50.157 from forced DNS routing
Nov 26 12:44:50 openvpn-updown: Excluding 192.168.50.129 from forced DNS routing
Nov 26 12:44:50 rc_service: service 6946:notify_rc updateresolv
Nov 26 12:44:55 ovpn-client1[6789]: /bin/ip route add 94.100.23.162/32 via 47.208.228.1
Nov 26 12:44:55 ovpn-client1[6789]: /bin/ip route add 0.0.0.0/1 via 10.26.124.1
Nov 26 12:44:55 ovpn-client1[6789]: /bin/ip route add 128.0.0.0/1 via 10.26.124.1
Nov 26 12:44:55 openvpn-routing: Configuring policy rules for client 1
Nov 26 12:44:55 openvpn-routing: Creating VPN routing table (mode 3)
Nov 26 12:44:55 openvpn-routing: Removing route for 0.0.0.0/1 to tun11 from main routing table
Nov 26 12:44:55 openvpn-routing: Removing route for 128.0.0.0/1 to tun11 from main routing table
Nov 26 12:44:55 openvpn-routing: Adding route for 192.168.50.0/24 to 0.0.0.0 through VPN client 1
Nov 26 12:44:55 openvpn-routing: Adding route for 192.168.50.165 to 0.0.0.0 through WAN
Nov 26 12:44:55 openvpn-routing: Adding route for 192.168.50.10 to 0.0.0.0 through WAN
Nov 26 12:44:56 openvpn-routing: Adding route for 192.168.50.76 to 0.0.0.0 through WAN
Nov 26 12:44:56 openvpn-routing: Adding route for 192.168.50.20 to 0.0.0.0 through WAN
Nov 26 12:44:56 openvpn-routing: Adding route for 192.168.50.157 to 0.0.0.0 through WAN
Nov 26 12:44:56 openvpn-routing: Adding route for 192.168.50.129 to 0.0.0.0 through WAN
Nov 26 12:44:56 openvpn-routing: Adding route for 192.168.50.184 to 0.0.0.0 through WAN
Nov 26 12:44:56 openvpn-routing: Adding route for 192.168.50.154 to 0.0.0.0 through WAN
Nov 26 12:44:56 openvpn-routing: Completed routing policy configuration for client 1
Nov 26 12:44:56 ovpn-client1[6789]: Initialization Sequence Completed