What's new

GT-AX6000 (388.1) VPN Director killswitch useless?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

eleVator

Regular Contributor
Upgraded my router from RT-AC86U to a GT-AX6000 with now 388.1 merlinWRT and i just tested VPN Director+Killswitch.
Using vpnmgr with 2 nordVPN connections setup both run DNS Exclusive mode & VPN Director Policy Rules.
I noticed that 1 vpn was disconnected but the host using that connection still had internet bypassing the killswitch.
Disabled the second vpn client and the killswitch didn't hold.

After few more VPN on/offs and reboots VPN Exclusive mode isn't working either, something is bypassing it and ISP DNS is being accessed.


Was planing to setup up 2 piholes later today but now i have to understand what is going on here and start looking into killmon script i guess.

Other current settings:
Skynet
ipv6 is off
wifi is completely disabled
Unbound / Router / User defined DNS with routers IP
 
Last edited:
Upgraded my router from RT-AC86U to a GT-AX6000 with now 388.1 merlinWRT and i just tested VPN Director+Killswitch.
Using vpnmgr with 2 nordVPN connections setup both run DNS Exclusive mode & VPN Director Policy Rules.
I noticed that 1 vpn was disconnected but the host using that connection still had internet bypassing the killswitch.
Disabled the second vpn client and the killswitch didn't hold.

After few more VPN on/offs and reboots VPN Exclusive mode isn't working either, something is bypassing it and ISP DNS is being accessed.


Was planing to setup up 2 piholes later today but now i have to understand what is going on here and start looking into killmon script i guess.

Other current settings:
Skynet
ipv6 is off
wifi is completely disabled
Unbound / Router / User defined DNS with routers IP
I'll have to find the reference, but from what I was able to gather, the killswitch functionality that's built-into the firmware only works if a vpn connection disconnects outside of its control/crashes... if you gracefully disconnect, then the killswitch doesn't work as advertised. Thus the need for killmon. ;) I'll see if I can find that and will update this post...

Here's a lot to read up on... ;) https://www.snbforums.com/threads/kill-switch-doesnt-work.74948/
 
the killswitch functionality that's built-into the firmware only works if a vpn connection disconnects outside of its control/crashes.
Thanks, i faintly remember reading that thread when i was dabbling around on my RT-AC86U.
Guess i will not be factory resetting and looking into your scripts next week, thanks for the reply and thanks for your scripts.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top