Inrumpo
Occasional Visitor
Hello community!
I'm experiencing a weird and annoying issue. I hope that I'll find some help here. Since I don't know the cause of my issue, I'm posting this one in the VPN section of the forum.
Environment:
- Asus RT-AC86u Router
- Asus WRT Merlin 386.7_2
- amtm 3.3
- Skynet 7.2.8 (only script besides amtm)
We had a power outage a few days ago. For whatever reason, my network stopped working after that. My router didn't manage to perform an NTP sync. This brought everything to a halt. Multiple reboots and a firmware update to 386.7_1 (at that time) didn't help. I had to do a factory reset. Since the previously saved .tar settings file turned out to be invalid, I have to redo my whole configuration manually. However, I'm not getting it to work the way it did before.
Goal:
I'd like to (again) use my VPN service (NordVPN for now) with their DNS servers and "Accept DNS Configuration" set to "Exclusive" and route some of my devices through this VPN using the "VPN Director (policy rules)". NordVPN DNS servers are 103.86.96.100 and 103.86.99.100. For all other devices that don't go through the VPN I want to use DoT with my selected servers.
The issue:
The VPN connection itself (setting it up in my router settings) does work, but: As long as I've set "Accept DNS Configuration" to "Exclusive", devices that should go through the VPN via policy rules will not have internet access. Setting "Accept DNS Configuration" to "Strict" (or more lenient) does work, but this causes DNS leaks I want to avoid.
Such blocking can look like this in my log:
Jul 22 22:44:52 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=xx:xx:xx:xx:xx:xx:cc:xx:xx:xx:xx:xx:xx:xx SRC=79.124.62.130 DST=MY-IP-REDACTED LEN=40 TOS=0
Current WAN settings:
Current VPN Client settings:
I've basically followed this NordVPN guide.
What I've tried without luck:
- router reboot
- firmware update
- refresh VPN whitelist in Skynet
- refresh whitelist entries in Skynet
- manually whitelisting the DNS servers in question in Skynet, but that doesn't work ("ipset v7.6: Element cannot be added to the set: it's already added")
- testing different WAN DNS settings (enable/disable DNSSEC support/DNS Privacy Protocol etc.)
I hope someone has an idea how to fix this. Help is appreciated.
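One way to check whether any blocked entries in the router log actually involve the two NordVPN DNS servers, as an added example that is not part of the original post and not Skynet's own code. The sample log lines are constructed; the `OUTBOUND` tag, the `tun11` interface name and the `PROTO=`/`DPT=` fields are assumptions modelled on the kernel log line quoted above.

```shell
#!/bin/sh
# Added example: filter "[BLOCKED - ...]" kernel log lines for packets whose
# SRC or DST is one of the VPN DNS servers named in the post.

DNS_SERVERS="103.86.96.100 103.86.99.100"   # NordVPN DNS servers, from the post

# blocked_dns: reads syslog lines on stdin and prints
# "direction src dst proto dport" for every blocked packet that involves
# one of $DNS_SERVERS. Blocks that do not involve them are ignored.
blocked_dns() {
    awk -v servers="$DNS_SERVERS" '
        BEGIN { n = split(servers, s, " "); for (i = 1; i <= n; i++) want[s[i]] = 1 }
        /\[BLOCKED - [A-Z]+\]/ {
            # Direction is the word after "BLOCKED - " inside the brackets.
            dir = $0; sub(/.*\[BLOCKED - /, "", dir); sub(/\].*/, "", dir)
            src = dst = proto = dpt = "-"
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)   src   = substr($i, 5)
                if ($i ~ /^DST=/)   dst   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = substr($i, 7)
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            if ((src in want) || (dst in want)) print dir, src, dst, proto, dpt
        }'
}

# sample_log: constructed log lines (not taken from a real router).
# Line 1: unrelated inbound scan, same shape as the line in the post.
# Line 2: a LAN client's DNS query to the VPN DNS server being dropped.
# Line 3: an ordinary non-firewall log line.
sample_log() {
    cat <<'EOF'
Jul 22 22:44:52 kernel: [BLOCKED - INBOUND] IN=eth0 OUT= MAC=xx:xx SRC=203.0.113.9 DST=198.51.100.20 LEN=40 TOS=0
Jul 22 22:45:10 kernel: [BLOCKED - OUTBOUND] IN=br0 OUT=tun11 MAC=xx:xx SRC=192.168.1.50 DST=103.86.96.100 LEN=60 TOS=0x00 PROTO=UDP SPT=40000 DPT=53 LEN=40
Jul 22 22:45:11 dnsmasq[1234]: started, version x cachesize 1500
EOF
}

# Demonstration on the constructed sample; on a router, pipe the system
# log into blocked_dns instead.
sample_log | blocked_dns
```

No output means the blocked entries in the log are unrelated to the VPN DNS servers; any output shows the direction and port of the dropped DNS traffic.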