Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    To my defense, I did ask this specifically in #15... Alright, so now we know. I guess there are 2 ways to go about this: 1. Make a wgclient-start script that automatically remove these entries everytime these clients are started/restarted and keep hoping it continue to work and not create...
  2. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    Great news! Atleast now we know that these ports existence in blog bypass is the reason for your issues. Just need to figure out why these port are excluded from your nat hw acceleration. Perhaps this could give some hint: nvram show | grep 1337 nvram show | grep 1443
  3. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    Perhaps a factory reset is a good idea. But it may help others to understand what is going on. Understanding you right is that your PC ip is not included as ip or as cidr range in blog bypass - just making sure (again) For curiosity, how have you setup vpndirector rules? Only 1 or more single...
  4. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    Alright, but you stated earlier that your 2 port were present in the blog bypass files. They must have been put there by something you configured on your router. I get the setup from your last posts. There are some things on your router that is incompatible with nat acceleration. Wireguard is...
  5. Z

    Wireguard can't access devices behind asus router

    There is a couple of things that may need correction for your setup to behave the way yu want. 1. Remove Nat on your asus client. This setting have no use in site-2-site and only complicates things. 2. In you vpn director rule you may remove the source ip field and leave it blank. 3. If you...
  6. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    If I understand you right, you are connecting to the same server:port on the router (as these ports are in the bypass list) for some reason. Then trying to connect to same server:port from a lan client. I would think that your issue arise from the bypass on the router but also affects your lan...
  7. Z

    Wireguard Client VPN not using DNS

    Yea, I cannot confirm as I only have ipv6 enabled on the router but not on my lan. But I could see in dnsmasq.conf: dhcp-option=lan,option6:23,[::] According to dnsmasq.conf man pages: my ISP provides me with both a global lan prefix and a global WAN ipv6 address. Wierd if dnsmasq chooses the...
  8. Z

    Wireguard Client VPN not using DNS

    Hopefully, but Ipv6 is tricky as the router is not handing out addresses, only prefix:es. the device self-assigns the rest and with various level of randomness. not easy to set up rules. it would be possible to use mac address and setup custom firewall rules to block ipv6 from these specific...
  9. Z

    Wireguard Client VPN not using DNS

    That's not really the way this should work. Wireguard redirects dns using the router firewall. So all packets from your .130 & .131 ip with destination port 53 should be dnat (change destination address) to wg dns. The router doesn't know if it works or not. If wg dns is not responding it should...
  10. Z

    Wireguard Client VPN not using DNS

    The only way I could think of, is if you have enabled ipv6 on the router. Not sure where Merlin fw currently is on ipv6 but your vpndirector rule only covers ipv4 so ipv6 data may go out wan.
  11. Z

    Wireguard Client VPN not using DNS

    Could your clients be using a privacy dns protocol? DNS-over-https (DoH) is quite common and router cannot detect/stop/redirect all of these. While it may function very differently if the vpn is used on the client device. Try to look in your devices setting to turn off dns privacy. edit: If...
  12. Z

    RT-AX88U maxing out a core and regularly showing 60+ MB/s upload

    As @ColinTaylor mentioned, you need to encrypt the file before uploading it to bypass malware checks. One option to do this on your router: openssl aes-256-cbc -a -salt -pbkdf2 -in /tmp/hklp -out /tmp/hklp.enc It will ask you for a passphrase. Then upload and share the link and passphrase to...
  13. Z

    RT-AX88U maxing out a core and regularly showing 60+ MB/s upload

    If you wish to share the file, it's convenient to use paste.c-net, like: wget --quiet -O- --post-file='/tmp/hklp' 'https://paste.c-net.org/' You will get a web link as return on the command which you can share with people you choose. Works directly on the router.
  14. Z

    Solved Wireguard Server not allowing access to Intranet even though selected

    Ok... strange. I have never encountered any difference between starts. A reboot can sometimes help reset the system and let everything start up in the way and order it was intended. But I always figured it was due to my ssh tinkering. From the looks of it, your system is quite simple and...
  15. Z

    Solved Wireguard Server not allowing access to Intranet even though selected

    What is your router model and what firmware are you running? are you using any other VPN tunnels on your router except for your VPN server? How are your network setup? is it internet -> Router (192.168.100.1) -> 192.168.100.0/24 LAN - is your Zen Wifi connected to this LAN? or does it have...
  16. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    Wait, your router is not the wireguard client? It's just passing the data? Then what are these ports doing in the blog bypass? Do you have other wireguard vpn on router using these ports?
  17. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    I don't pretend to understand everything about FlowCache or the bypass. I don't know. But 400-600Mb/s is the limit for data transfer with sw nat. Even if nat is not used I would expect reaching maybe 1000Mb/s due to encryption processing. If you get well above 2Gb/s I have to wonder if your...
  18. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    If it's in the list it means this port will be bypassed and process by sw, which is why you see core1 spiking (sw nat only uses core 1, Wireguard encryption uses all cores). What if you remove it?
  19. Z

    ASUS GT-AXE16000 CPU usage with VPN on lan machine

    The flowcache bypass uses 2 files to record local IP and port that should be bypassed. You can look at them by: cat /proc/blog/skip_wireguard_port cat /proc/blog/skip_wireguard_network You can add/remove entries here to experiment: echo "add 172.16.1.1/32" >> /proc/blog/skip_wireguard_network...
  20. Z

    Wireguard VPN client does not autostart after reboot

    dont have this issue. but only way Wireguard would "fail" to start is if the endpoint cannot be resolved to an ip at the time of start. do you have any special setup for router DNS? if you SSH into the router and execute: service "start_wgc 2" or possibly service "restart_wgc 2" if that works...
Top