What's new

[Release] Asuswrt-Merlin 384.10 is now available

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Wow, so knowledgeable.
So, you want to run things the way you want to run things and also insist that others respect your choice and do as you ask.

I love it when I get a laugh on a lousy day. Thanks!
I won't bother to list my network security qualifications for you as they would likely go right over your head, but suffice to say they are substantial. That little tidbit of information notwithstanding, my question was quite a simple one with regard to a single function, not one in which any request for network security education or training was requested, desired, or needed.

Thanks for your time.
 
No issues, I have downloaded and checked the hash too, literally 1 minute ago.
It seems to be coming back up for me. The only thing I can think of is perhaps some portion of the Cloudflare network was affected yesterday and it happened to be where my connection is going. Who knows. I didn't change anything on my end.
 
It seems to be coming back up for me. The only thing I can think of is perhaps some portion of the Cloudflare network was affected yesterday and it happened to be where my connection is going. Who knows. I didn't change anything on my end.
Cloudfare was out for me for about an hour or so a few days ago. There's always https://downdetector.com/status/cloudflare from a mobile.
 
  • Like
Reactions: #TY
The website isn't behind Cloudflare, only the separate firmware update server is.
 
Wow, so knowledgeable.
So, you want to run things the way you want to run things and also insist that others respect your choice and do as you ask.

I love it when I get a laugh on a lousy day. Thanks!

I laughed too funny af but then I remember how often merlin has to read this nonsense. Best to ignore don’t reply to it or mention them and hope they remain an occasional visitor.
 
174.142.221.134

That's the correct address.

Check that you don't have any security suite / ad blocker / etc... blocking access to it.

Unless my hoster implements some kind of blacklisting on their end, there isn't anything configured on my hosting account to block you.

You can check your route to see if it gets blocked at a specific hop. The last few hops look like this for me:

Code:
 7    20 ms    16 ms    11 ms  ae9-1963.cr0-mtl1.ip4.gtt.net [69.174.17.105]
  8    17 ms    10 ms    11 ms  iweb-gw.ip4.gtt.net [199.229.229.62]
  9    12 ms    14 ms    10 ms  te8-4.dr10.mtl.iweb.com [67.205.127.82]
 10    12 ms    12 ms     9 ms  174.142.221.134

Trace complete.
 
Check that you don't have any security suite / ad blocker / etc... blocking access to it.
I don't believe I do. It was working fine up until 2 days ago then it stopped. I tried disabling Skynet temporarily in case it was interfering but no change. The only other thing on my network is OpenVPN Client connected to ExpressVPN but that was always the case and it was fine before. This is why Im a little baffled by the whole thing. There are no ad blockers, anti-virus, etc on my computer.
 

Attachments

  • Screen Shot 2019-04-11 at 5.37.37 PM.png
    Screen Shot 2019-04-11 at 5.37.37 PM.png
    67.3 KB · Views: 396
I don't believe I do. It was working fine up until 2 days ago then it stopped. I tried disabling Skynet temporarily in case it was interfering but no change. The only other thing on my network is OpenVPN Client connected to ExpressVPN but that was always the case and it was fine before. This is why Im a little baffled by the whole thing. There are no ad blockers, anti-virus, etc on my computer.
Are you running Diversion as well? You might going into it and use the [f] follow the log file, blocked domains. Then try to open the site to see if you are blocks. Sometimes ok sites end up in a blocking file when it updates. Try disabling both Skynet and Diversion and test too.
 
Are you running Diversion as well? You might going into it and use the [f] follow the log file, blocked domains. Then try to open the site to see if you are blocks. Sometimes ok sites end up in a blocking file when it updates. Try disabling both Skynet and Diversion and test too.
Tried all that unfortunately to no avail. When I follow the logs, nothing shows up (I chose to filter by blocked domains). I tried disabling both Skynet and Diversion but no change as well. Im really at loss and hoping it will just resume working on its own.
 
Tried all that unfortunately to no avail. When I follow the logs, nothing shows up (I chose to filter by blocked domains). I tried disabling both Skynet and Diversion but no change as well. Im really at loss and hoping it will just resume working on its own.

Try disabling the VPN then, in case my provider might be blocking its IP.

All I can say is that the site is definitely up and running.
 
  • Like
Reactions: #TY
Try disabling the VPN then, in case my provider might be blocking its IP.
That was it. Why would your ISP disable it like this out of the blue? :(
I switched to another VPN country and I can access the site again.
Where can I provide you with the IP in question?
 
That was it. Why would your ISP disable it like this out of the blue?

A lot of VPN users use them for nefarious purposes. It's possible they were hit by a DoS coming from them, and they ended up blocking that IP at some point. Or the block might even be upstream from my hosting provider, I don't know.

Where can I provide you with the IP in question?

Nothing I can do about that.
 
Cool, no worries. I simply switched to another OpenVPN client for now and all is well.

I have another question (noob alert :oops:)

I am currently able to connect remotely to my OpenVPN server and take advantage of everything on it. However, I just noticed that when doing that, my IP is still local and not going through the OpenVPN client which is connected to an ExpressVPN server in Spain.

I did some digging on this forum and I think found the answer. @Martineau had posted it 2 years ago here:
https://www.snbforums.com/threads/openvpn-server-and-client-question.38378/#post-316743

If I understood it correctly, I simply need to add the following to:
/jffs/scripts/firewall-start

iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun1+ -j MASQUERADE
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server2_sn)/24 -o tun1+ -j MASQUERADE

I haven't changed the defaults on the OpenVPN Server so theoretically, this should do the trick right?

My problem right now is I have no idea how to edit the firewall-start script :confused: Is there an easy way to do it from the command line?

Also, am I correct in my understanding of having to paste the above rules to firewall-start and not anywhere else?

Thanks again.
 
Also, am I correct in my understanding of having to paste the above rules to firewall-start and not anywhere else?

As Martineau said, try them directly in the console first to see if they even work. If so, a firewall-start script might be enough, but you'd really want to add them in openvpn-event so they only apply when the vpn is up.
 
As Martineau said, try them directly in the console first to see if they even work. If so, a firewall-start script might be enough, but you'd really want to add them in openvpn-event so they only apply when the vpn is up.
Unfortunately, this is the part that is still unfamiliar to me.
How would you test in the console? I SSH to the router, and then?

Thanks again for all help.
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top