So I have an ASUS RT-AC5300. I am running a Mac Mini (10.5.50.110) with Plex. I have a subscription to TorGuard to route some of my traffic from the Mac Mini. I have updated to the latest firmware, 384.5. When I have the VPN client running on my router, all my internet traffic seems to be slow. Only traffic coming from the Mac Mini, excluding Plex, is supposed to go through the VPN tunnel. Everything else is supposed to go out through my ISP. Here is what I have configured in my openvpn-event file under /jffs/scripts:
Code:
#!/bin/sh
sleep 2

# Disable reverse-path filtering on every interface
for i in /proc/sys/net/ipv4/conf/*/rp_filter ; do
    echo 0 > "$i"
done

# Clear any previous policy-routing state
ip route flush table 100
ip route del default table 100
ip rule del fwmark 1 table 100
ip route flush cache
iptables -t mangle -F PREROUTING

# Copy the main table, minus default and tun11 routes, into table 100
ip route show table main | grep -Ev ^default | grep -Ev tun11 \
| while read ROUTE ; do
    ip route add table 100 $ROUTE
done

# Table 100 defaults to the WAN gateway; packets marked 1 use it
ip route add default table 100 via $(nvram get wan_gateway)
ip rule add fwmark 1 table 100
ip route flush cache

# Mark all LAN traffic 1, then set the Mac Mini back to mark 0
iptables -t mangle -A PREROUTING -i br0 -j MARK --set-mark 1
iptables -t mangle -A PREROUTING -i br0 -m iprange --src-range 10.5.50.110 -j MARK --set-mark 0

# Plex Traffic: Bypass VPN (add each rule only if it is not already present)
iptables -t mangle -C PREROUTING -i br0 -p tcp --sport 32400 -j MARK --set-mark 1
if [ $? -eq 1 ]
then
    iptables -t mangle -A PREROUTING -i br0 -p tcp --sport 32400 -j MARK --set-mark 1
fi
iptables -t mangle -C PREROUTING -i br0 -p udp --sport 32400 -j MARK --set-mark 1
if [ $? -eq 1 ]
then
    iptables -t mangle -A PREROUTING -i br0 -p udp --sport 32400 -j MARK --set-mark 1
fi
iptables -t mangle -C PREROUTING -i br0 -p tcp --dport 32400 -j MARK --set-mark 1
if [ $? -eq 1 ]
then
    iptables -t mangle -A PREROUTING -i br0 -p tcp --dport 32400 -j MARK --set-mark 1
fi
iptables -t mangle -C PREROUTING -i br0 -p udp --dport 32400 -j MARK --set-mark 1
if [ $? -eq 1 ]
then
    iptables -t mangle -A PREROUTING -i br0 -p udp --dport 32400 -j MARK --set-mark 1
fi
exit 1
Here is what I have configured in the Client VPN Settings on the router:
Network Settings
Interface: TUN
Protocol: UDP
Server Address and Port: x.x.x.x:443
Accept DNS Configuration: Strict
Create NAT on Tunnel: Yes
Authentication Settings
Authorization Mode: TLS
Username/Password Authentication: Yes
Username: xxxxxxxxx
Password: xxxxxxxx
Username / Password Auth. Only: No
Crypto Negotiation
Keys and Certificates
Cipher negotiation: Enable (with fallback)
Negotiable cipher: AES-128-GCM:AES-256-GCM:AES-128-CBC:AES-256-CBC
Legacy/fallback cipher: Default
TLS control channel security: Disabled
Auth digest: Default
Advanced Settings
Log verbosity 3
Compression LZO Adaptive
TLS Renegotiation Time: -1
Connection Retry attempts: 15
Verify Server Certificate: No
Redirect Internet Traffic: No
Custom Configuration
persist-key
persist-tun
This used to work a long time ago, and even if I roll back to an older firmware that worked before, I am still having issues with browsing being very slow. I am at a loss at this point. I just don't understand why it is acting up now when I have not changed anything except for the FW, but even if I roll back to the FW that worked before it still does not work. Any advice would be greatly appreciated.
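Added example, not part of the original post: MARK is a non-terminating target, so a packet leaves PREROUTING with the mark set by the last rule it matches, and rule order in the script decides which routing table each flow uses. This sketch replays a constructed copy of the script's six rules over constructed sample flows; `final_mark` and `table_for` are hypothetical helper names, and only the single-address `--src-range` form used in the post is handled.

```shell
#!/bin/sh
# Constructed copy of the six mangle PREROUTING rules, in the order the script adds them.
RULES='-i br0 -j MARK --set-mark 1
-i br0 -m iprange --src-range 10.5.50.110 -j MARK --set-mark 0
-i br0 -p tcp --sport 32400 -j MARK --set-mark 1
-i br0 -p udp --sport 32400 -j MARK --set-mark 1
-i br0 -p tcp --dport 32400 -j MARK --set-mark 1
-i br0 -p udp --dport 32400 -j MARK --set-mark 1'

# final_mark IFACE SRC PROTO SPORT DPORT (hypothetical helper)
# Walks every rule; MARK does not stop traversal, so the last match wins.
final_mark() {
    iface=$1; src=$2; proto=$3; sport=$4; dport=$5
    mark=0                                  # unmarked packets carry mark 0
    while read -r rule; do
        set -- $rule                        # split the rule into words
        match=1; new=""
        while [ $# -gt 1 ]; do
            case $1 in
                -i)          [ "$2" = "$iface" ] || match=0 ;;
                -p)          [ "$2" = "$proto" ] || match=0 ;;
                --src-range) [ "$2" = "$src" ]   || match=0 ;;  # single address only
                --sport)     [ "$2" = "$sport" ] || match=0 ;;
                --dport)     [ "$2" = "$dport" ] || match=0 ;;
                --set-mark)  new=$2 ;;
            esac
            shift 2                         # every option here takes one argument
        done
        if [ "$match" = 1 ] && [ -n "$new" ]; then mark=$new; fi
    done <<EOF
$RULES
EOF
    echo "$mark"
}

# table_for MARK (hypothetical helper): "ip rule add fwmark 1 table 100" sends
# mark 1 to table 100 (default via the WAN gateway); everything else uses main.
table_for() {
    if [ "$1" = 1 ]; then echo "table 100"; else echo "main"; fi
}

# Constructed sample flows: iface src proto sport dport
for flow in "br0 10.5.50.20 tcp 51000 443" \
            "br0 10.5.50.110 tcp 51000 443" \
            "br0 10.5.50.110 tcp 32400 40000"; do
    m=$(final_mark $flow)
    echo "$flow -> mark $m, routed by $(table_for "$m")"
done
```

On the router itself, `iptables -t mangle -L PREROUTING -v -n` shows per-rule packet counters, and `ip rule show` with `ip route show table 100` shows where mark 1 is actually sent.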