Redirect hostname to router ip

[kramttocs]

New territory for me.
I think I am having vpn issues (vpn software running on Windows pc that is also hosting some RDP software) that might be solved if I can make my router redirect any call to my hostname right back to itself immediately.

The problem is I don't know what I need to research (what terms) to see if this is possible and the right solution.

To add a little more info:
Running tracert mydoman.com from the Windows pc with vpn off has one hop - out to my ISP
With vpn on, it's goes ten slow hops and then starts timing out.

I already have DDNS setup in the router.

 

[kramttocs]

Thought I might be on to something with dnsmasq.
Skynet already had this setup so I simply had to add my domain name and router ip thinking the router would then handle the port forwarding to my actual Windows machine running the application.
Doesn't look like that is the case though.
With VPN disabled, tracert showed it immediately hitting my router ip which was good but trying to hit an application on my local machine with the domainnameort didn't work as I am assuming it was trying to hit that port directly on my router rather than my router using the port forwarding rules.

Plus, with vpn enabled it still went external and eventually times out so didn't gain me anything there anyways.

 

[drinkingbird]

Thought I might be on to something with dnsmasq.
Skynet already had this setup so I simply had to add my domain name and router ip thinking the router would then handle the port forwarding to my actual Windows machine running the application.
Doesn't look like that is the case though.
With VPN disabled, tracert showed it immediately hitting my router ip which was good but trying to hit an application on my local machine with the domainnameort didn't work as I am assuming it was trying to hit that port directly on my router rather than my router using the port forwarding rules.

Plus, with vpn enabled it still went external and eventually times out so didn't gain me anything there anyways.

When you have VPN enabled you're using their DNS which will only know your public IP and NAT loopback probably won't work with VPN (not ideal to use that anyway). You likely need to get split tunneling set up and use VPN director or config file changes to define traffic that can stay on your LAN.

You'll also want to make sure you're using a different domain or subdomain for your LAN and wan. For example your DNS updates ext.domain.com with your public VPN ip and int.domain.com uses your internal IPs.

I'm no expert on the Asus implementation of VPN but those are things I've run into doing it on Cisco and other implementations.

 

[kramttocs]

Thanks and I am glad you brought up some of those things.

I actually played around with split tunnelling and added tracert.exe to it but not change in behavior which surprised me.

You mention different internal and external domains. Right now I think I just have external. Internal is (for my model) the field "RT-AX86U's Domain Name" on the LAN IP page, right? If so mine is actually blank.


I should have clarified better though - this vpn isn't running on the router. Well, I do have vpn enabled so I can connect to my local network when away but this vpn is different. This is vpn software (one of the dozens of options out there) that is running just on my local windows box. Not other devices on the network are using or aware of it.

So DDNS running on the router is updating to the DNS records (zoneedit in my case) correctly to the ip my isp gives me. The router doesn't know about the vpn software IP I get on my windows box.

 

[drinkingbird]

Thanks and I am glad you brought up some of those things.

I actually played around with split tunnelling and added tracert.exe to it but not change in behavior which surprised me.

You mention different internal and external domains. Right now I think I just have external. Internal is (for my model) the field "RT-AX86U's Domain Name" on the LAN IP page, right? If so mine is actually blank.


I should have clarified better though - this vpn isn't running on the router. Well, I do have vpn enabled so I can connect to my local network when away but this vpn is different. This is vpn software (one of the dozens of options out there) that is running just on my local windows box. Not other devices on the network are using or aware of it.

So DDNS running on the router is updating to the DNS records (zoneedit in my case) correctly to the ip my isp gives me. The router doesn't know about the vpn software IP I get on my windows box.

OK in that case you definitely need to get split tunneling working, when the VPN is active any attempt to connect to something on your local network is going to fail. The only exception would be if you got a VPN provider that allows inbound connections then you target your DDNS hostname. But you'd have to pay for static IP or port forwarding from your VPN provider and it would be slow and inefficient anyway since traffic would have to go to the VPN provider then turn around and come back. You want your LAN stuff to just stay on the LAN.

The router never sees your DNS queries when the VPN is active, those all go through the tunnel, until you get split tunneling working. You should simply need to exclude your LAN subnet from the tunnel to have it work. If you want LAN DNS to work you probably need to do some config to make it send queries for your local network outside of the tunnel to the router as well, but IP should work fine. Probably have to assign a domain of .local or intra.yourdomain.com in the asus and exclude that from the VPN. It varies with each VPN client but usually is pretty straightforward.