VPN connecting after boot up

[Vernier]

Hi, I have an Asus AC68U with Merlin last firmware RT-AC68U_384.15_0
I enabled VPN and I have it set by default so all traffic goes through it at all time:

Automatic start at boot time YES
Redirect Internet traffic Policy rules (strict)
Block routed clients if tunnel goes down YES


I noticed recently that (as well with previous versions) when I boot up my router it will connects me first to the internet without VPN so my "real" ip is beging disclosed. after a few seconds the VPN runs fine but I would like to avoid that.

Like the router does first: connects to internet
And then kind of understands that it was supposed to use VPN

how could I set it up that no connection would be created before the VPN is working fine, so I would have no IP leak?

thank you

 

[ColinTaylor]

how could I set it up that no connection would be created before the VPN is working fine, so I would have no IP leak?

You can't. Before you establish a VPN connection the router must be configured with the correct date and time. To set the date and time the router must connect to the internet.

 

[Vernier]

Hi, thank you for your reply.
I understand the idea, however isn't it possible to bypass it? I mean for example not allowing the connection unless I have a specific IP? I am always using the same static VPN IP.
And I would not mind having an incorrect clock.

thank you

 

[ColinTaylor]

And I would not mind having an incorrect clock.

You're missing the point. Having the clock set correctly is not optional. You cannot create a VPN connection if the date/time is incorrect (it's the way the encryption works).

 

[Vernier]

Thank you I was not aware of that. But then wouldnt it possible to let the router itself connect to internet, while blocking any other device from conecting to internet until the VPN connection will be established?

 

[ColinTaylor]

I guess it's theoretically possible, but probably quite difficult to implement reliably because of the design of the router's boot up process.

I would think that for the vast majority of people this is a non-issue. For something that only occurs for a few seconds whenever the router starts up it's probably not worth the developer's time looking at this over more important issues.

 

[Sonyrolfy]

Thinking MacGyver style Maybe you can put a powered switch behind your router and connect your (special) devices on it and turn it on when the router has (re)started? Disable WIFI before a restart. My two cents.

 

[Vernier]

Thinking MacGyver style Maybe you can put a powered switch behind your router and connect your (special) devices on it and turn it on when the router has (re)started? Disable WIFI before a restart. My two cents.

I think I will go with the MacGyver style
I expected rather a setting based solution, but the hardware one sounds interesting as well.
thank you!

 

[Alfsu]

Your settings may be incomplete:

- Automatic start at boot time YES
- Redirect Internet traffic Policy rules (strict)
- Block routed clients if tunnel goes down YES

You did not provide the "Policy Rules"... It would not matter anyway if what you want is all traffic through the VPN.

Regardless, try changing the "Force Internet Traffic Through Tunnel" from "Redirect Internet traffic Policy rules (strict)" to "Yes" in which case all LAN traffic will be routed to the VPN and not before the VPN connection is up.

Good luck.

Sent from my ONEPLUS A3000 using Tapatalk