Recent content by georgev

Sorry for the long ramble! Short and sweet: I want to connect a second AP to my router via a VPN connection. How do I make it so I can have a minimally interrupted video call as I walk between the APs?

I currently have a Merlin RT-AX86U providing a main network, guest network, and IoT network. There are services like a pihole, a webcam (babycam) DVR server, etc. running as docker containers on a server hardwired to the router, and I've set up a number of iptables and ebtables rules for setting...

I've learned a bit more about what is happening here! When I set the "Accept DNS Config" setting to "exclusive", clients on subnets NO LONGER use the DHCP-set DNS server! In Merlin (3004.388.8_4), I have guest networks. I'm looking at one guest network in particular (wl1.1), but it seems to be...

Yep, I'm tracking that and I don't think my router's /etc/resov.conf is part of this puzzle. In my last post the only /etc/resolv.conf I was attempting to refer to was the one on my client device. Perhaps I could refractor the question a bit. My understanding of this accept dns configuration...

Roger that. I understand how "Accept DNS Configuration" options impact my `/tmp/resolv.dnsmasq` file. I get that on strict it is: `nameserver [what the VPN server pushed]` `nameserver [what was there before]` and on exclusive it is: `nameserver [what the VPN server pushed]` I would think...

Sorry, I have a response that is currently awaiting moderator approval that clears things up a bit. The problem was that my VPN client "Accept DNS Configuration" was set to "Strict" instead of "Exclusive". So now I have a question of "what does that setting really do" that is asked in my...

Well... everything is working now... I swear I didn't change anything recently, but changing my "Accept DNS Configuration" on my VPN client connection (on the router) from "Strict" to "Exclusive" fixed everything. I didn't have any DNS leaks before (I'm currently in India and all of my...

I have a dedicated IP with NordVPN and I have an .ovpn config on my RT-AX86U (running Merlin) to put all of my traffic over that VPN. Everything has been going great. However, just recently, I can no longer log into Disney+ on my network! I try to hit the login page, and it says Disney+ has...

After tcpdump, it looks like 443 was involved, but not the entire problem. Even after I allow 443 traffic through, there is still some tcp traffic going to an ephemeral port on the server that I guess isn't considered "related" or "established". What a weird thing to happen only on iPhone... and...

Great point with the hygiene and the load on the router. I didn't know it worked that way, but that makes sense! That was a no go on the port 443 being the problem, unfortunately. I'll do a tcpdump at some point and report back if I figure this out!

Alright, everything seems stable and the way I want it! I am using YazFi as suggested. Thanks so much for your help and patience @drinkingbird! I think the problem I was having was due to one of my guest networks being part of a subnet range that has changing VPN director rules? I also now see...

Well, I installed the YazFi software and ran into many issues. The order of operations went like this: - I installed the software, enabled YazFi on my guest network. Isolation remained, but I did not have the one way communication that I set the radio button for (I had neither direction). - I...

Alright, if you don't want to explain what it would take with "a lot more than a few iptables rules" to modify the stock guest network paradigm, I understand. To satisfy my curiosity, I'll attempt to pursue learning about how the router sets up its VLANs for guest networks without the help of...

Thanks @ColinTaylor! That's super helpful!

Thanks for pointing me towards that repo! That's great to hear someone has already put together a nice solution for this. Although I'm a bit daunted at the possibility that there are many like plugins/extensions out there that I also don't know about! Does Yazfi exist on some sort of "Merlin GUI...