Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. eibgrad

    How to create white list?

    I assume you're referring to *public* IPs on the internet. There's always the Network Services Filter.
  2. eibgrad

    Help with isolating camera and IoT networks

    P.S. Just to give you an idea of how long this AP mode solution has been around the FT forum, I wrote the following firewall script in support of it in 2015! And it has 3800+ downloads. https://pastebin.com/NxU0Q9iu https://www.linksysinfo.org/index.php?threads/virtual-wlan-with-adblock.78853/
  3. eibgrad

    Help with isolating camera and IoT networks

    As I initially described it, the AC68U has its WAN facing the private IP network of the AX82U (i.e., WAN to LAN, respectively), so NO, in that configuration, you would NOT be able to extended the wifi of the AX82U's IP network. But what you could do instead is configure the AC68U in AP mode...
  4. eibgrad

    Help with isolating camera and IoT networks

    If you still have the AC68U, install FT (FreshTomato) firmware and daisy-chain that router to the primary router to support your IOT/Camera networks. This effectively gives you VLAN support since you get the default VLAN (vlan1) of the secondary router, plus any additional VLANs you chose to...
  5. eibgrad

    VPN Director - 2 VPN Clients and Killswitch (3004.388.8_2)

    Yes, it will work. All he's suggesting is that you redefine the DHCP range so the NAS is assigned an IP *outside* that range. And now you can specify a minimal number of rules to route the DHCP range over OVPN2 w/o including the NAS. As I explained, you can continue using 192.168.10.2 through...
  6. eibgrad

    Hardcoded Google DNS IPTABLES rule

    Adding static routes does NOT generate firewall rules. It just adds routes to the routing table. The Network Services Filter is probably NOT the right strategy anyway. It would probably be better to redirect 8.8.8.8 for the TV's MAC address back to AdGuard (or whatever you want using one of...
  7. eibgrad

    VPN director issue on RT-AC86U (386.14 Merlin FW)

    Just use the commands I suggested from an ssh session on the router.
  8. eibgrad

    VPN director issue on RT-AC86U (386.14 Merlin FW)

    Might want to check nvram as well in case adding a rule caused an update/addition there as well (nvram seems much more likely to be exhausted than jffs anyway). nvram show >/dev/null
  9. eibgrad

    VPN director issue on RT-AC86U (386.14 Merlin FW)

    Out of space on /jffs? df -h /jffs AFAIK, these are stored in /jffs. cat /jffs/openvpn/vpndirector_rulelist
  10. eibgrad

    Hardcoded Google DNS IPTABLES rule

    Not sure where it's coming from either, but it might be more helpful if we could see it in context. iptables -vnL FORWARD --line-numbers Also, that's allowing 8.8.8.8 as a destination within the scope of the local private network only (br0<->br0), similar to what you might see w/ NAT loopback...
  11. eibgrad

    Connection to router by ip fails while remote over OpenVPN

    Try another client platform (e.g., laptop) and/or another OpenVPN client (I don't know the first thing about Arne Schwabe's app, I use OpenVPN Connect), just to see if it's something specific to that device and/or OpenVPN app.
  12. eibgrad

    Connection to router by ip fails while remote over OpenVPN

    Well that doesn't indicate a problem w/ the VPN. If you can access a public IP and use domain names across the VPN, that's all you can expect. If you have problems only w/ a specific client-side application like the browser, I'm not sure there's much I can do since I have to way to diagnose...
  13. eibgrad

    Not able to ping to WAN

    Issue the following iptables command to zero the packet counts on the input chain. iptables -Z INPUT Then attempt to ping the router from the internet side of the WAN. Then dump the firewall to see if the icmp rule is there, and whether the packets count (pkts) > 0. iptables -vnL INPUT
  14. eibgrad

    Connection to router by ip fails while remote over OpenVPN

    Is it possible your internet issues are DNS related? IOW, can you ping 8.8.8.8, but something like ping google.com doesn't work.
  15. eibgrad

    Not able to ping to WAN

    Are you running a VPN client on the router at the same time? If the router itself is bound to the VPN client (as opposed to just other devices on the LAN), which would be the case, for example, if you configured "Redirect internet traffic through tunnel" on the OpenVPN client w/ "Yes(all)", you...
  16. eibgrad

    Connection to router by ip fails while remote over OpenVPN

    As far as the routing and firewall, I don't see any problems. Chain OVPNSI (1 references) pkts bytes target prot opt in out source destination 33 1988 ACCEPT all -- tun21 * 0.0.0.0/0 0.0.0.0/0 2 202 ACCEPT udp...
  17. eibgrad

    Connection to router by ip fails while remote over OpenVPN

    I don't understand what you're asking me.
  18. eibgrad

    Connection to router by ip fails while remote over OpenVPN

    Another thing to be cautious about is to add the duplicate-cn directive to custom config if you intend to access the the OpenVPN server from multiple, concurrent clients using the same client certs and keys. If you don't, then access by the next client will kick off the previous client. I'm...
  19. eibgrad

    Connection to router by ip fails while remote over OpenVPN

    From this point forward, do NOT connect to the OpenVPN server from within the same LAN as the OpenVPN server itself. This proves nothing. In fact, it can cause problems since now you have two (2) routes on the client to your local IP network (local and via the VPN). And that can lead to...
  20. eibgrad

    Not able to ping to WAN

    Are you referencing your public IP on the WAN explicitly or using the DDNS domain name? If the latter, perhaps the public IP changed when you installed Merlin but you didn't configure DDNS to update your domain name (just a guess).
Top