Einarorama
New Around Here
Hi gurus
I am totally new to this and a novice when it comes to communication, so please bear with me if I am asking a simple question.
And if you feel for answer, please keep it simple!
I have two setups, in two different homes. One setup with a single Asus RT-AX86U and one setup with two Asus RT-AX86U...one of these as AiMesh. All three routers are running Asuswrt-Merlin ver. 388.1.
I have used OpenVPN on these so far, a rule for each of the set vpnservers to only channel my android formuler box (with ip 192.168.50.83 as you can see in the log below here) through VPN.
I don`t need VPN on my other units.
Have worked well, and could be trusted, the killswitch has proved to worked!
Now - finally - my vpnprovider has opened up for Wireguard, and I have disabled my Openvpn-setups and done a setup for Wireguard...with the same rule to only let the Formuler connect through WG.
All works well and the improvement in speed is amazing!
But, by accident, I noted that if I rebooted the router without stopping the Formuler...Analiti on the formuler reported two public IP`s, the VPNserver and my ISP`s
When the router was fully started, I could see the traffic started to go through WG...even though Analiti still showed me the same two public ip`s.
Below here you can see what I found in the routers log....the WG fail to start when it should start due to some `NTP not synced`...resulting in a delay of more then a minute before WG actually starts.
I belive that my Formuler is up and going open and unencrypted for more then a minute without going through the vpnchannel then? Am I right?
The NTP-server was set to pool.ntp.org by default, I tried to change this so now I have time.google.com and also pool.ntp.org as a secondary. Problem persisted. Both these poolservers answers ping very well (logged into the router with putty (yes, I have learned a LOT here) and pinged from inside the router that way).
The poolserver time.google.com is a result of me googling...I really don`t have a clue what a poolserver is!
Do anyone have an idea how to fix this? Please...keep answers easy to understand
Copy/paste from my routerlog....
******
May 5 07:05:18 WAN_Connection: WAN was restored.
May 5 07:05:19 ntpd: Started ntpd
May 5 07:05:20 BONDING: option disabled
May 5 07:05:21 roamast: ROAMING Start...
May 5 07:05:24 WireGuard: Unable to start clients as NTP not synced yet, retrying later
May 5 07:05:27 httpd: Succeed to init SSL certificate...80
May 5 07:05:27 httpd: Succeed to init SSL certificate...8443
Jan 19 15:56:58 ntpd: Initial clock set
.......
....Other things happening for a minute...and the WG is finally started...
.......
Jan 19 15:58:01 vpndirector: Routing Formuler - Wireguard - Madrid from 192.168.50.83 to any through wgc1
Jan 19 15:58:01 wireguard: Forcing 192.168.50.83 to use DNS server 162.252.172.57 for WGC1
Jan 19 15:58:01 wireguard: Forcing 192.168.50.83 to use DNS server 149.154.159.92 for WGC1
Jan 19 15:58:01 WireGuard: Starting client 1.
Jan 19 15:58:01 WireGuard: Other interface use 10.14.0.2 too.
Jan 19 15:58:01 vpndirector: Routing Formuler - Wireguard - Barcelona from 192.168.50.83 to any through wgc2
Jan 19 15:58:01 wireguard: Forcing 192.168.50.83 to use DNS server 162.252.172.57 for WGC2
Jan 19 15:58:01 wireguard: Forcing 192.168.50.83 to use DNS server 149.154.159.92 for WGC2
Jan 19 15:58:01 WireGuard: Starting client 2.
I am totally new to this and a novice when it comes to communication, so please bear with me if I am asking a simple question.
And if you feel for answer, please keep it simple!
I have two setups, in two different homes. One setup with a single Asus RT-AX86U and one setup with two Asus RT-AX86U...one of these as AiMesh. All three routers are running Asuswrt-Merlin ver. 388.1.
I have used OpenVPN on these so far, a rule for each of the set vpnservers to only channel my android formuler box (with ip 192.168.50.83 as you can see in the log below here) through VPN.
I don`t need VPN on my other units.
Have worked well, and could be trusted, the killswitch has proved to worked!
Now - finally - my vpnprovider has opened up for Wireguard, and I have disabled my Openvpn-setups and done a setup for Wireguard...with the same rule to only let the Formuler connect through WG.
All works well and the improvement in speed is amazing!
But, by accident, I noted that if I rebooted the router without stopping the Formuler...Analiti on the formuler reported two public IP`s, the VPNserver and my ISP`s
When the router was fully started, I could see the traffic started to go through WG...even though Analiti still showed me the same two public ip`s.
Below here you can see what I found in the routers log....the WG fail to start when it should start due to some `NTP not synced`...resulting in a delay of more then a minute before WG actually starts.
I belive that my Formuler is up and going open and unencrypted for more then a minute without going through the vpnchannel then? Am I right?
The NTP-server was set to pool.ntp.org by default, I tried to change this so now I have time.google.com and also pool.ntp.org as a secondary. Problem persisted. Both these poolservers answers ping very well (logged into the router with putty (yes, I have learned a LOT here
) and pinged from inside the router that way).The poolserver time.google.com is a result of me googling...I really don`t have a clue what a poolserver is!
Do anyone have an idea how to fix this? Please...keep answers easy to understand
Copy/paste from my routerlog....
******
May 5 07:05:18 WAN_Connection: WAN was restored.
May 5 07:05:19 ntpd: Started ntpd
May 5 07:05:20 BONDING: option disabled
May 5 07:05:21 roamast: ROAMING Start...
May 5 07:05:24 WireGuard: Unable to start clients as NTP not synced yet, retrying later
May 5 07:05:27 httpd: Succeed to init SSL certificate...80
May 5 07:05:27 httpd: Succeed to init SSL certificate...8443
Jan 19 15:56:58 ntpd: Initial clock set
.......
....Other things happening for a minute...and the WG is finally started...
.......
Jan 19 15:58:01 vpndirector: Routing Formuler - Wireguard - Madrid from 192.168.50.83 to any through wgc1
Jan 19 15:58:01 wireguard: Forcing 192.168.50.83 to use DNS server 162.252.172.57 for WGC1
Jan 19 15:58:01 wireguard: Forcing 192.168.50.83 to use DNS server 149.154.159.92 for WGC1
Jan 19 15:58:01 WireGuard: Starting client 1.
Jan 19 15:58:01 WireGuard: Other interface use 10.14.0.2 too.
Jan 19 15:58:01 vpndirector: Routing Formuler - Wireguard - Barcelona from 192.168.50.83 to any through wgc2
Jan 19 15:58:01 wireguard: Forcing 192.168.50.83 to use DNS server 162.252.172.57 for WGC2
Jan 19 15:58:01 wireguard: Forcing 192.168.50.83 to use DNS server 149.154.159.92 for WGC2
Jan 19 15:58:01 WireGuard: Starting client 2.
