Menu
What's new
By:
Filters Better Search

Recent content by georgev

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. G

    RT-AC86U VLAN-like modifications to guest network

    After tcpdump, it looks like 443 was involved, but not the entire problem. Even after I allow 443 traffic through, there is still some tcp traffic going to an ephemeral port on the server that I guess isn't considered "related" or "established". What a weird thing to happen only on iPhone... and...
  2. G

    RT-AC86U VLAN-like modifications to guest network

    Great point with the hygiene and the load on the router. I didn't know it worked that way, but that makes sense! That was a no go on the port 443 being the problem, unfortunately. I'll do a tcpdump at some point and report back if I figure this out!
  3. G

    RT-AC86U VLAN-like modifications to guest network

    Alright, everything seems stable and the way I want it! I am using YazFi as suggested. Thanks so much for your help and patience @drinkingbird! I think the problem I was having was due to one of my guest networks being part of a subnet range that has changing VPN director rules? I also now see...
  4. G

    RT-AC86U VLAN-like modifications to guest network

    Well, I installed the YazFi software and ran into many issues. The order of operations went like this: - I installed the software, enabled YazFi on my guest network. Isolation remained, but I did not have the one way communication that I set the radio button for (I had neither direction). - I...
  5. G

    RT-AC86U VLAN-like modifications to guest network

    Alright, if you don't want to explain what it would take with "a lot more than a few iptables rules" to modify the stock guest network paradigm, I understand. To satisfy my curiosity, I'll attempt to pursue learning about how the router sets up its VLANs for guest networks without the help of...
  6. G

    RT-AC86U VLAN-like modifications to guest network

    Thanks @ColinTaylor! That's super helpful!
  7. G

    RT-AC86U VLAN-like modifications to guest network

    Thanks for pointing me towards that repo! That's great to hear someone has already put together a nice solution for this. Although I'm a bit daunted at the possibility that there are many like plugins/extensions out there that I also don't know about! Does Yazfi exist on some sort of "Merlin GUI...
  8. G

    RT-AC86U VLAN-like modifications to guest network

    Hello all! I'm using an RT-AC86U with Merlin and I would like to have three different wireless networks (all with different SSIDs and passwords): one for trusted devices, one for guests, and one for IoT devices. On the guest and IoT networks, I want all devices to be isolated. At this point...
  9. G

    Diversion Diversion problems with dnsmasq through VPN interface

    Works like a charm! Since we've started this thread, my interim solution has been to hide S56dnsmasq and to add the line: echo -e 'server=103.86.96.100@tun12\nserver=103.86.99.100@tun12' > /tmp/resolv.dnsmasq at the end of my /jffs/scrips/dnsmasq.postconf. However, your solution also works...
  10. G

    Diversion Diversion problems with dnsmasq through VPN interface

    Unfortunately it's just the one dnsmasq. Version 2.88. which dnsmasq output: /opt/sbin/dnsmasq dnsmasq -v output: Dnsmasq version 2.88 Copyright (c) 2000-2022 Simon Kelley Compile time options: IPv6 GNU-getopt no-RTC no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset...
  11. G

    Diversion Diversion problems with dnsmasq through VPN interface

    Keep in mind I've moved S56dnsmasq elsewhere so it shouldn't be called anymore (I've tucked it away in /opt/home). #!/bin/sh ENABLED=yes PROCS=dnsmasq ARGS="" PREARGS="" DESC=$PROCS PATH=/opt/sbin:/opt/bin:/opt/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin ...
  12. G

    Diversion Diversion problems with dnsmasq through VPN interface

    Correct, I have two lines in my /opt/etc/dnsmasq.conf file: server=103.86.96.100@tun12 server=103.86.99.100@tun12 That was the only place I pointed to those servers with that interface in my previous working setup. That seemed to set up /tmp/resolv.dnsmasq just fine before, but now something...
  13. G

    Diversion Diversion problems with dnsmasq through VPN interface

    Further troubleshooting: It looks like the /tmp/resolv.dnsmasq file gets messed up (set to the non-tunnel interface) when I restart my vpn, which also (I think) causes dnsmasq to reconfigure. Not knowing all of what is happening during the startups of these processes, I'm a little handicapped at...
  14. G

    Diversion Diversion problems with dnsmasq through VPN interface

    Thanks for the speedy response! Unfortunately I still am not having luck with the /jffs/configs/dnsmasq.conf.add file. Here was my procedure: rm /opt/etc/init.d/S56dnsmasq touch /jffs/configs/dnsmasq.conf.add chmod +x /jffs/configs/dnsmasq.conf.add # I edited /jffs/configs/dnsmasq.conf.add to...
  15. G

    Diversion Diversion problems with dnsmasq through VPN interface

    I just upgraded my Diversion version from 4.1.3 to 4.3.3 (I know, quit a leap). Doing so has broken a key part of my network setup: my dnsmasq queries need to be resolved through my vpn interface "tun12" to avoid DNS leaks on my VPN'd network. I can accomplish this via the following lines for...
See more
Top