What's new

Bug with OpenVPN Client Settings

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

sweetlyham

Occasional Visitor
I am trying to set Policy Rules (Strict) for my TV to use VPN however when trying to insert "0.0.0.0" into the Destination IP field as per guides I have found online it disappears after saving.

Even if I save using the below settings the TV (and other LAN devices when testing different IPs) aren't routing over the VPN interface. Forcing all traffic through tunnel confirms VPN does work, can't seem to get Policy Rules working.

Any help would be greatly appreciated.

Current Version : 386.2_6
RT-AX58U

Screenshot 2021-06-20 204934.png
 
Another query - I have have Accept DNS Config set to "Exclusive" however my AdGuard Home (similar but better than PiHole) keeps getting DNS requests from TV even though logs confirm (from my understanding below) that the VPN DNS was set.

Code:
Jun 20 20:56:47 openvpn: Forcing 192.168.0.3 to use DNS server 123.123.123.123
Jun 20 20:56:48 dnsmasq[2165]: read /etc/host s - 6 addresses
Jun 20 20:56:48 dnsmasq[2165]: read /etc/host s.dnsmasq - 0 addresses
Jun 20 20:56:48 dnsmasq[2165]: using nameserver 192.168.0.2#53
Jun 20 20:56:50 openvpn-routing: Configuring policy rules for client 1
 
I tried blank and it didn't route via VPN hence why I made the post :)
it should as i have mine blank and they route via VPN. blank it out again and then check what you get for
Code:
ip rule list
ip route show table ovpncX
where X is the client number
 
Another query - I have have Accept DNS Config set to "Exclusive" however my AdGuard Home (similar but better than PiHole) keeps getting DNS requests from TV even though logs confirm (from my understanding below) that the VPN DNS was set.

Code:
Jun 20 20:56:47 openvpn: Forcing 192.168.0.3 to use DNS server 123.123.123.123
Jun 20 20:56:48 dnsmasq[2165]: read /etc/host s - 6 addresses
Jun 20 20:56:48 dnsmasq[2165]: read /etc/host s.dnsmasq - 0 addresses
Jun 20 20:56:48 dnsmasq[2165]: using nameserver 192.168.0.2#53
Jun 20 20:56:50 openvpn-routing: Configuring policy rules for client 1
If AdGuard Home is configured in the LAN DHCP DNS settings, then the TV will not send DNS requests to the router for them to be intercepted by the VPN DNS rules. LAN-to-LAN traffic isn’t routed through the router like LAN-to-WAN traffic obviously is.
 
If AdGuard Home is configured in the LAN DHCP DNS settings, then the TV will not send DNS requests to the router for them to be intercepted by the VPN DNS rules. LAN-to-LAN traffic isn’t routed through the router like LAN-to-WAN traffic obviously is.
AdGuard Home IP is set in WAN.

Screenshot 2021-06-20 222847.png
Screenshot 2021-06-20 222833.png
 
it should as i have mine blank and they route via VPN. blank it out again and then check what you get for
Code:
ip rule list
ip route show table ovpncX
where X is the client number

Screenshot 2021-06-20 224403.png


Screenshot 2021-06-20 224455.png


Code:
admin@RT-AX58U-7A28:/tmp/home/root# ip rule list
0:      from all lookup local
10101:  from 192.168.0.3 lookup ovpnc1
32766:  from all lookup main
32767:  from all lookup default
admin@RT-AX58U-7A28:/tmp/home/root# ip route show table ovpnc1
default via 10.120.10.1 dev tun11
10.120.10.0/23 dev tun11 proto kernel scope link src 10.120.10.13
192.168.0.0/24 dev br0 proto kernel scope link src 192.168.0.1
239.0.0.0/8 dev br0 scope link
 
Last edited:
Seems to be working now... I think by having DNS served at WAN level instead of LAN and rebooting device has resolved issue. Not getting any DNS requests on AdGuard now
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top