setup:
- Asus RT-N66U
- Merlin 380.58
- Roku 2
- ExpressVPN
for months, i was able to successfully use OpenVPN policy rules to redirect Roku traffic through an ExpressVPN endpoint to stream Hulu. recently, it stopped working. i have not made any changes to the setup to cause that, afaict.
using either of these 2 methods, i can confirm successful Hulu streaming through a specific endpoint:
- using the ExpressVPN iOS app
- on the router, routing all traffic instead of using policy rules
... so i believe the ExpressVPN endpoint is good.
i do not want to redirect all traffic through this VPN endpoint, so i am trying to understand the difference between that and using the policy rules.
to configure the OpenVPN client, i downloaded a config file from ExpressVPN. here is the custom configuration:
Code:
fast-io
remote-random
pull
tls-client
verify-x509-name Server name-prefix
ns-cert-type server
route-method exe
route-delay 2
tun-mtu 1500
fragment 1300
mssfix 1450
keysize 256
sndbuf 524288
rcvbuf 524288
here is a startup log (here, i am redirecting 2 devices):
Code:
Sep 4 03:10:49 rc_service: httpd 6595:notify_rc start_vpnclient2
Sep 4 03:10:50 kernel: tun: Universal TUN/TAP device driver, 1.6
Sep 4 03:10:50 kernel: tun: (C) 1999-2004 Max Krasnyansky <maxk@qualcomm.com>
Sep 4 03:10:50 openvpn[7368]: OpenVPN 2.3.10 mipsel-unknown-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Mar 20 2016
Sep 4 03:10:50 openvpn[7368]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Sep 4 03:10:50 openvpn[7370]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sep 4 03:10:50 openvpn[7370]: Control Channel Authentication: using 'static.key' as a OpenVPN static key file
Sep 4 03:10:50 openvpn[7370]: Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sep 4 03:10:50 openvpn[7370]: Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sep 4 03:10:50 openvpn[7370]: Socket Buffers: R=[118784->237568] S=[118784->237568]
Sep 4 03:10:50 openvpn[7370]: UDPv4 link local: [undef]
Sep 4 03:10:50 openvpn[7370]: UDPv4 link remote: [AF_INET]184.173.170.208:1195
Sep 4 03:10:50 openvpn[7370]: TLS: Initial packet from [AF_INET]184.173.170.208:1195, sid=cd5c2993 1cbc32c2
Sep 4 03:10:50 openvpn[7370]: VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=support@expressvpn.com
Sep 4 03:10:50 openvpn[7370]: VERIFY OK: nsCertType=SERVER
Sep 4 03:10:50 openvpn[7370]: VERIFY X509NAME OK: C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server, emailAddress=support@expressvpn.com
Sep 4 03:10:50 openvpn[7370]: VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server, emailAddress=support@expressvpn.com
Sep 4 03:10:51 openvpn[7370]: Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sep 4 03:10:51 openvpn[7370]: Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sep 4 03:10:51 openvpn[7370]: Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sep 4 03:10:51 openvpn[7370]: Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sep 4 03:10:51 openvpn[7370]: Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Sep 4 03:10:51 openvpn[7370]: [Server] Peer Connection Initiated with [AF_INET]184.173.170.208:1195
Sep 4 03:10:53 openvpn[7370]: SENT CONTROL [Server]: 'PUSH_REQUEST' (status=1)
Sep 4 03:10:53 openvpn[7370]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.11.0.1,route 10.11.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.11.0.22 10.11.0.21'
Sep 4 03:10:53 openvpn[7370]: OPTIONS IMPORT: timers and/or timeouts modified
Sep 4 03:10:53 openvpn[7370]: OPTIONS IMPORT: --ifconfig/up options modified
Sep 4 03:10:53 openvpn[7370]: OPTIONS IMPORT: route options modified
Sep 4 03:10:53 openvpn[7370]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sep 4 03:10:53 openvpn[7370]: TUN/TAP device tun12 opened
Sep 4 03:10:53 openvpn[7370]: TUN/TAP TX queue length set to 100
Sep 4 03:10:53 openvpn[7370]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sep 4 03:10:53 openvpn[7370]: /usr/sbin/ip link set dev tun12 up mtu 1500
Sep 4 03:10:53 openvpn[7370]: /usr/sbin/ip addr add dev tun12 local 10.11.0.22 peer 10.11.0.21
Sep 4 03:10:55 openvpn[7370]: /usr/sbin/ip route add 184.173.170.208/32 via 174.116.120.1
Sep 4 03:10:55 openvpn[7370]: /usr/sbin/ip route add 0.0.0.0/1 via 10.11.0.21
Sep 4 03:10:55 openvpn[7370]: /usr/sbin/ip route add 128.0.0.0/1 via 10.11.0.21
Sep 4 03:10:55 openvpn[7370]: /usr/sbin/ip route add 10.11.0.1/32 via 10.11.0.21
Sep 4 03:10:55 openvpn-routing: Configuring policy rules for client 2
Sep 4 03:10:55 openvpn-routing: Creating VPN routing table
Sep 4 03:10:55 openvpn-routing: Removing route for 10.11.0.1 to tun12 from main routing table
Sep 4 03:10:55 openvpn-routing: Removing route for 0.0.0.0/1 to tun12 from main routing table
Sep 4 03:10:55 openvpn-routing: Removing route for 128.0.0.0/1 to tun12 from main routing table
Sep 4 03:10:55 openvpn-routing: Adding route for 192.168.1.112 to 0.0.0.0 through VPN client 2
Sep 4 03:10:55 openvpn-routing: Adding route for 192.168.1.139 to 0.0.0.0 through VPN client 2
Sep 4 03:10:55 openvpn-routing: Completed routing policy configuration for client 2
Sep 4 03:10:55 openvpn[7370]: Initialization Sequence Completed
can anyone help me understand why there is different behavior between redirect all and policy rules, and/or determine how to get Hulu streaming again using policy rules?