Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. Z

    VPN Director ok, device no connect.

    Great! So, was it infact NordVPN that had changed something requiring you to generate a new config? This could be good to know for others reading this.
  2. Z

    VPN Director ok, device no connect.

    Ok.. there are always risks with this, initially but foremost over time. Which is a reason why a recent test might be an idea to rule out that nord changed something.
  3. Z

    VPN Director ok, device no connect.

    Ok, so routing works without issues. Would you mind opening the Wireguard config file you imported on some text editor and check so your wg ip is right? It feels wierd that it is 10.6.0.2/32 as this is the first ip in this series. It's like Nord set up this endpoint ip: port just for you. Are...
  4. Z

    VPN Director ok, device no connect.

    So, now you get a different response from ip route get 1.1.1.1 from 192.168.1.14 iif br0
  5. Z

    VPN Director ok, device no connect.

    For some reason your vpn director rule does not exist in your routing rules. Are you sure wgc1 are active when taking these dumps, doing these tests? If so, try to delete the rule and create it again. Make sure to remember to click "apply" at the bottom of vpndirector when you are done.
  6. Z

    VPN Director ok, device no connect.

    Thanks! This shows that a packet from 192.168.1.14 to 1.1.1.1 would go out ppp0 (wan) interface and not Wireguard wgc1 interface. How does your routing rules look like: ip rule Also a picture of your vpndirector rules might help.
  7. Z

    VPN Director ok, device no connect.

    Hmm, ok. Any other vpn setup? Recent changes to kill-switch makes it active even if the vpn is disabled so if you have any left-over old config, make sure you disable the kill-switch under everything. If you have ssh access to the router, could you try executing ip route get 1.1.1.1 from...
  8. Z

    VPN Director ok, device no connect.

    Ok. Well, your tunnel seems to be working. Handshake timer resets now and then and you got some data both tx and rx so it's connected. Did you enable NAT? that is usually required on these type of vpns, here are my settings: If "Enable NAT" is set to No, you will probably get exactly what you...
  9. Z

    VPN Director ok, device no connect.

    Do you know if it's a connection issue or dns issue? I.e could you ping an ip on your client (like 1.1.1.1) or domain (like google.com)? Are you using any dns setting in Wireguard? How is your vpn director rule(s)? Single ips or entire network? Is your pihole over vpn?
  10. Z

    Wireguard client optional DNS Server setting

    Nope, the router is using "exclusive" dns redirect for Wireguard only. This means a firewall rule that simply changes destination address on dns packets for clients using the vpn. There are no track whether it's working or not and no round Robin. Perhaps you can but only 1 will be used. Why...
  11. Z

    Wireguard VPN Client: killswitch activation -> LAN administration lock-out

    Sounds like you had a productive couple of days! Thanks for the write-up. Try searching the web about which source address a new packet get on a device with multiple interfaces. Router is not bound to lan in that sense (except gui). Router will not use this address as source address so your...
  12. Z

    Need help setting up ProtonVPN in AsusWRT-merlin

    According to their website: https://protonvpn.com/support/wireguard-configurations?srsltid=AfmBOoqFhfr1GOzDrU7Z-5dYAQtrglV5TmB8pfRY65Ce1aNuUQoozZmh They ate following the open Wireguard standards so it should work. Wireguard (standard) is only a single protocol, perhaps their own app is using...
  13. Z

    How do I get x3mrouting working with AdGuard Home ?

    Sure, it will set everything up for you. It will create the ipsets, setup to restore the ipsets at boot, firewall rules for marking packets and routing rules. So lots of things are made, it does not matter for you if it adds the set to dnsmasq since it won't be populating it. You can create it...
  14. Z

    How do I get x3mrouting working with AdGuard Home ?

    X3mrouting are using ipsets which it puts in dnsmasq.conf.add to have dnsmasq populate the set. You can add the same domain and ipsets to AGH: nano /opt/etc/AdGuardHome/AdGuardHome.yaml Scroll down to ipset section and add your ipsets, I.e: ipset: -...
  15. Z

    SBS. Script for using sing-box on Asus routers with Merlin firmware.

    NAT rules should be in nat-start. FILTER rules should be in firewall-start, so these should go in nat-start. Previously the advice was that everything should be in nat-start (nat, mangle, raw) except filter which should be in firewall-start, but I'm not reading that now so perhaps something...
  16. Z

    Need help setting up ProtonVPN in AsusWRT-merlin

    This line indicates that there are no proper connection with the other end. If you have other vpn clients on the router make sure they are stopped. Test your wg config file on a computer or your phone (while connected to your lan) before trying it out on the router. Most likely this config has...
  17. Z

    Wireguard VPN Client: killswitch activation -> LAN administration lock-out

    Things are not always what they seem. VPN Director rules WAN or WGCx does not explicitly mean what you think. Routing, by means of route tables, normally uses main route table which is mostly maintained by the kernel. it contains routes to every interface and network the router is aware of, as...
  18. Z

    Loss of access to user interface after application of VPN rule and Killswitch (3004.388.8)

    I'm sorry, I don't know if your issue is related to the kill switch. I have not used it myself. It possible though. But I would like to provide you with an alternative methode wich provides alittle more flexibility and avoids creating overlapping rules. Head into router gui. LAN -> DHCP...
  19. Z

    Proton Wireguard Client Question

    Great! Yea it's understandable. If your PC is using vpn and you start talking to it over wan it will answer over vpn so it's not going to work. This is controlled via routing and the tables are static, I.e routing doesn't change depending on where a packet was recieved, as it's just another...
  20. Z

    Proton Wireguard Client Question

    This is the best way to do it in my opinion. Don't make the rules I said before, you simply create a rule for each ip you would like to use the VPN. Nothing more, nothing less, it's that simple. Any such rule could look like this: Local IP: 192.168.1.201 Remote IP: <leave blank> Interface: WGC1...
Top