[ASUS AX11000] How to get old vpnClient like functionality on VPN fusion screen.

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Eyeer

New Around Here
Hi,

I did upgrade my asus router to ax11000 in gaming-line router. I see not that it does not have vpnClient but vpnFusion - in theory it can do the same thing but what I was able to do on old client and can't now is to have work openVPN client connected all the time and only some route (server side configured) is pushed thrue VPN. In old client all I needed to do is load ovpn file and it worked in new VPN fusion UI when I select tunnel then all comunication goes thrue tunnel but if I don't select it then no communication goes there. Is there any missing setting that would give back old vpnClient behavior? I know that loading merlin firmware maybe would work but I don't want to lose vpn fusion entirely as its cool when it comes to do other stuff.
 

claonic

New Around Here
Hi, vpn fusion is just stupid. One can direct one network client through the vpn or the internet, which is absolute idiotic. A device going through the vpn, can not access the internet anymore, and vice versa. Practically, the router does not do what it is sold for, which is internet acces.
I just found out, replacing my old Asus router with the new expensive TUF series, especially for the vpn client function. The old vpn client was just fine, a device could access the vpn ant internet at the same time.

So, a workaround would be connecting SSH to the router and adding a route for the remote vpn network after the vpn is connected. I found out that works. You can even have a script do that for you automatically.
 

eibgrad

Very Senior Member
Hi, vpn fusion is just stupid. One can direct one network client through the vpn or the internet, which is absolute idiotic. A device going through the vpn, can not access the internet anymore, and vice versa. Practically, the router does not do what it is sold for, which is internet acces.
I just found out, replacing my old Asus router with the new expensive TUF series, especially for the vpn client function. The old vpn client was just fine, a device could access the vpn ant internet at the same time.

So, a workaround would be connecting SSH to the router and adding a route for the remote vpn network after the vpn is connected. I found out that works. You can even have a script do that for you automatically.

I can only assume you're talking about a situation where the VPN server is NOT hosted by a commercial OpenVPN provider (which in that case, VPN and internet access are synonymous), but to a VPN server hosting a remote *private* network you either own yourself, or have been given access to by someone else (i.e, it's NOT intended for internet access).

I can understand the frustration, if in fact ASUS is *assuming* the former case, and denying access to the internet over the WAN once the VPN is activated. In effect, it's a kill switch, intended to prevent "leakage" over the WAN. But I would assume any sane implementation of a kill switch would allow you to disable it! That's NOT the case? (I have no way of knowing, I never use OEM firmware).
 

claonic

New Around Here
Yes, I am talking about a work VPN. I need to be connected from home both to work and to the internet, of course. This was the original functionality of Asus routers, since when I can remember, maybe 8-10 years, now. In the middle of the pandemic when work from home it's a real thing, Asus just f'ed up this, it's really stupid.
I didn't find any way to disable this, I had to SSH the router and write some init scripts, which is mind blowing at this level and price.
 

RMerlin

Asuswrt-Merlin dev
Yes, I am talking about a work VPN. I need to be connected from home both to work and to the internet, of course.
Then the problem is that server does not push a gateway redirection to the client, so only LAN traffic gets routed through it.

You can possibly work around that by adding "redirect-gateway def1" to your client config. The server will still need to allow WAN traffic.

VPN Fusion itself has nothing to do with that, it`s up to the client to be configured to route Internet traffic. VPN Fusion definitely works, as otherwise none of the commercial services would work with it.
 

claonic

New Around Here
I didn't say it doesn't work, I just said it is wrong by design.
I don't want to use my workplace's internet line. I am at home, working from my personal laptop and I don't want to switch the router's settings each time I want to check a personal website or a work one.
I need to use the work's resources (vpn) AND my internet connection at the same time, just as you would do with a vpn client from a computer (one still has access to the local internet line while using the vpn, it is not cut out).
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top