What's new

ASUS RT-86U Merlin and NordVPN pre-configured/custom configuration and DNS settings ?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

zillah

Regular Contributor
Hi All

I have got ASUS RT-AX86U router with Merlin firmware and I am using NordVPN

Few two questions :

1- Is it advisable to upload a pre-configured file UDP to the router and or type in a custom configuration ?

2- The below quote :

((Now you need to configure NordVPN’s DNS settings. In the left sidebar, click WAN. In the Connect to DNS Server automatically field, select No and fill in NordVPN’s DNS servers as follows: 103.86.96.100,,,,103.86.99.100 ))

From "how to" on NordVPN website

https://support.nordvpn.com/Connectivity/Router/1047410642/AsusWRT-Merlin-setup-with-NordVPN.htm

Is using NordVPN’s DNS would prevent DNS Leak ?

Thx
 
1. You must upload the .ovpn profile supplied by NordVPN as it contains the key and certificate. Then enter your username and password. You don't need to make any changes to the custom configuration settings as they're already contained in the .ovpn file.

2. Don't make those changes to the WAN DNS. If you want clients to use a different DNS server use the option in the VPN client settings.

Those instructions on NordVPN's website are for an ancient version of the firmware.

People waste too much time worrying about DNS leaks for no good reason IMHO.
 
1. You must upload the .ovpn profile supplied by NordVPN as it contains the key and certificate. Then enter your username and password. You don't need to make any changes to the custom configuration settings as they're already contained in the .ovpn file.
Noted

Don't make those changes to the WAN DNS. If you want clients to use a different DNS server use the option in the VPN client settings.
Noted

Those instructions on NordVPN's website are for an ancient version of the firmware.
I felt it but I wasn't sure

People waste too much time worrying about DNS leaks for no good reason IMHO.
Noted

Thx Colin
 
@colin what is your comment about post#7 in the link below (custom configuration and speed) ?
 
@colin what is your comment about post#7 in the link below (custom configuration and speed) ?
I rarely use the VPN so I'm not really interested in optimising anything, so I just use the settings that come with the .ovpn file. Some of those recommended settings are already present. The options it adds are as follows:
Code:
disable-occ
mute-replay-warnings
auth-nocache
sndbuf 524288
rcvbuf 524288
push "sndbuf 524288"
push "rcvbuf 524288"
pull-filter ignore "auth-token"
pull-filter ignore "ifconfig-ipv6"
pull-filter ignore "route-ipv6"
explicit-exit-notify 3

If you're using IPv6 then those ignore options are required. When I tested performance the difference was negligible in a synthetic benchmark.
 
1. You must upload the .ovpn profile supplied by NordVPN as it contains the key and certificate. Then enter your username and password. You don't need to make any changes to the custom configuration settings as they're already contained in the .ovpn file.

2. Don't make those changes to the WAN DNS. If you want clients to use a different DNS server use the option in the VPN client settings.

Those instructions on NordVPN's website are for an ancient version of the firmware.

People waste too much time worrying about DNS leaks for no good reason IMHO.
Thank you! So the customized settings suggested in this post is not really needed?

Code:
remote-random
resolv-retry infinite
remote-cert-tls server
ping 15
ping-restart 0
ping-timer-rem
persist-key
persist-tun
reneg-sec 0
fast-io
disable-occ
mute-replay-warnings
auth-nocache
sndbuf 524288
rcvbuf 524288
push "sndbuf 524288"
push "rcvbuf 524288"
pull-filter ignore "auth-token"
pull-filter ignore "ifconfig-ipv6"
pull-filter ignore "route-ipv6"
explicit-exit-notify 3
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
 
Thank you! So the customized settings suggested in this post is not really needed?

Code:
remote-random
resolv-retry infinite
remote-cert-tls server
ping 15
ping-restart 0
ping-timer-rem
persist-key
persist-tun
reneg-sec 0
fast-io
disable-occ
mute-replay-warnings
auth-nocache
sndbuf 524288
rcvbuf 524288
push "sndbuf 524288"
push "rcvbuf 524288"
pull-filter ignore "auth-token"
pull-filter ignore "ifconfig-ipv6"
pull-filter ignore "route-ipv6"
explicit-exit-notify 3
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
The only ones (in addition to those already supplied by the .ovpn file) that might be needed are the two ipv6 lines. They would be necessary if you're using IPv6.
 
Last edited:

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top