Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. eibgrad

    dedicated router for OpenVPN

    I would just create a firewall-start script containing the following: WAN_IF="$(ip route | awk '/^default/{print $NF}')" iptables -I FORWARD -i br+ -o $WAN_IF -j REJECT The following link shows how to create and install the firewall-start script. You just need to substitute the above rules...
  2. eibgrad

    [Help] Problems setting up OpenVPN

    If you have "Redirect internet traffic through tunnel" set to NO (which iirc, is the default), nothing will happen. You either have to use Yes(all) or the VPN Director (and some rules).
  3. eibgrad

    [Help] Problems setting up OpenVPN

    You do NOT want to use their up/down script(s). The router already manages the DNS configuration w/ its own scripts. That's why the GUI has the "Accept DNS configuration" setting.
  4. eibgrad

    [Help] Problems setting up OpenVPN

    Well that's a slightly different error message than before (unless you edited it). That appears to be an attempt to add an IPv6 address. Try adding the following to the custom config field. pull-filter ignore ifconfig-ipv6 pull-filter ignore route-ipv6 block-ipv6
  5. eibgrad

    dedicated router for OpenVPN

    It works as you describe it. The fact it's subordinate to another router upstream that YOU happen to control doesn't make it any different from the same configuration on the primary router. It all works the same. However... Many ppl don't find the built-in killswitch 100% reliable. It's...
  6. eibgrad

    [Help] Problems setting up OpenVPN

    Not sure if by "config" that's what ended up in the custom config field, or an actual dump of the underlying config file. If the import placed anything in the custom config field, remove it and try again. If that works, then try adding back the remote-random and remote directives to custom...
  7. eibgrad

    Need help with Namecheap -> Router -> Caddy

    Forget about this issue w/ Namecheap and DNS for the time being. That is NOT an essential or even an important factor in gaining remote access. You can simply refer to your public IP for the time being. In fact, configuring your own domain name assumes you have a static public IP, which is NOT...
  8. eibgrad

    OVPN server setup problem

    I'm curious what that might cost. My ISP requires a business account upgrade, which is a significant cost (starts @ $200/month w/ 12 month commitment). For a $6 a month, you can create your own cloud-based OpenVPN Access Server w/ Digital Ocean.
  9. eibgrad

    RT-AX86U Pro LAN Port on Guest Network

    I assume you're using FT (FreshTomato) as I suggested. Go to Administration->Scripts and paste it in the Firewall tab. Save and Reboot.
  10. eibgrad

    Accidentally blocked myself out of GUI and SSH

    Would have been a LOT more faster if the OP made a backup before messing with it.
  11. eibgrad

    Accidentally blocked myself out of GUI and SSH

    Yes. It just gives you more options. Now you can connect a wireless device to the secondary router, such as your phone.
  12. eibgrad

    Sudden VPN client issues with RX-AX82U

    Only thing I can suggest at this point is make a backup of the router config and JFFS, then reset to factory defaults, reconfigure the VPN, and see it now works. Worst case, you can always go back to where you are now.
  13. eibgrad

    Accidentally blocked myself out of GUI and SSH

    What about an old router? Use the clone MAC feature and connect to the primary router as a secondary, daisy-chained router, with its own IP network, APs, etc. IOW, route into the primary router (WAN to LAN) rather than necessarily bridging into it (LAN to LAN).
  14. eibgrad

    Sudden VPN client issues with RX-AX82U

    Merlin stores the certs, keys, etc., in the /jffs/openvpn directory. You could dump the relevant files and make sure they haven't been corrupted.
  15. eibgrad

    Accidentally blocked myself out of GUI and SSH

    If there's a least one device that can access it, then it may be possible to impersonate that device by manually configuring a desktop/laptop w/ that same IP and/or MAC address. P.S. I don't use the OEM firmware, so I'm unsure about whether JFFS would be reset (IIRC, it does for Merlin). But...
  16. eibgrad

    Troubleshooting Access Point Connectivity: WAN vs. LAN Port Issue

    Normally, AP mode should reassign the WAN port to the LAN making it useful again. There isn't even a firewall anymore to prevent access. It could either be a faulty WAN port, or perhaps an unreliable ethernet cable. Perhaps replugging the cable reset the network and fixed whatever corrupted...
  17. eibgrad

    How to block LAN access for a wired device on ASUS Merlin (Firmware 3004.388.8_2)?

    Sure. Although if you go down the path of additional hardware, my first inclination would be to use an old router, esp. since I'm sure a lot of users have such hardware lying around doing nothing (consider all the ASUS AC routers soon to reach EOL). Even an old wireless G/N router will suffice...
  18. eibgrad

    How to block LAN access for a wired device on ASUS Merlin (Firmware 3004.388.8_2)?

    But doesn't that assume the secondary switch will be dedicated to that LAN port on the primary router? IOW, *any* device on the secondary switch ends up isolated from the private network. Not sure if that's what the OP is looking for. Not unless the OP is willing/able to plug the device into...
  19. eibgrad

    BRCTL command options

    That link is just to the documentation. The actual source does NOT include that command/option. https://github.com/RMerl/asuswrt-merlin.ng/blob/master/release/src/router/bridge/brctl/brctl_cmd.c Which isn't unusual. Many times certain commands/options are removed to save space, esp. if the...
  20. eibgrad

    Connecting to the router using ddns domain name from within the network?

    Absolutely correct. I wasn't suggesting it was a good idea. It is NOT. I was merely explaining for those who insist on this approach, what it takes to work as requested. Most ppl become interested in NAT loopback because they want to maintain the same references to their services whether...
Top