Email being blocked on wifi devices only when VPN active?


Dazzler

Merlin Firmware - 386.5.2

Preamble - I have my ASUS RT-AC86U set up to use NORD VPN and want all (most) traffic within the house to go to the outside world via the VPN.
Problem - I get email server rejections and am unable to access my email via the VPN but can over the WAN i.e. VPN disconnected.
Solution? - So I thought I could put all of my IP range (1) via the director rules to use the VPN then simply allow the IMAP and SMTP servers (2) to be accessible by all devices as per the image below. This works with my PC (10.0.0.49) on an ethernet connection but not my WiFi devices unless I exclude them from the VPN explicitly as shown (3).

Question - Why would the WiFi connected devices not be able to respond the same way as my ethernet connected device as they are all in the included IP range? - Or is there something more fundamental that I'm missing here?

TIA for any help/suggestions. Pls be gentle - I'm new to this game. :)


[Image attachment: 1654485748909.png]
 
Not sure if this will make the difference, but *technically* your "All traffic" entry is incorrect. It should be 10.0.0.0/24. The firewall will accept this sort of error and handle it correctly, but the routing system tends to be more sensitive to this kind of error. To be on the safe side, you should correct it.
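The point in the reply above, as an added example that is not part of the original thread: a CIDR entry whose address has host bits set is still masked down to its network by a lenient parser, while a strict parser rejects it. The rule names and the non-canonical `10.0.0.1/24` entry are constructed sample values, since the screenshot's actual entries are not on the page.

```python
import ipaddress

# Constructed sample rules (name, local source); not the poster's real entries.
SAMPLE_RULES = [
    ("All traffic", "10.0.0.1/24"),    # host bits set: should read 10.0.0.0/24
    ("Single device", "10.0.0.49"),    # bare address is treated as a /32
    ("Other subnet", "10.0.1.0/24"),
]

def audit_cidr(entry):
    """Return (canonical_network, host_bits_set) for one rule source entry."""
    iface = ipaddress.ip_interface(entry)   # lenient: accepts 10.0.0.1/24
    network = iface.network                 # address masked to the prefix
    return str(network), iface.ip != network.network_address

def audit_rules(rules):
    """List (name, entry, canonical) for every entry a strict parser rejects."""
    findings = []
    for name, source in rules:
        canonical, host_bits_set = audit_cidr(source)
        if host_bits_set:
            findings.append((name, source, canonical))
    return findings

def rules_matching(device_ip, rules):
    """Names of the rules whose source range contains device_ip."""
    ip = ipaddress.ip_address(device_ip)
    return [name for name, source in rules
            if ip in ipaddress.ip_interface(source).network]

def strict_accepts(entry):
    """True if a strict parser (no host bits allowed) takes the entry as-is."""
    try:
        ipaddress.ip_network(entry, strict=True)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    for name, source, canonical in audit_rules(SAMPLE_RULES):
        print(f"{name}: {source} should be written as {canonical}")
    print("10.0.0.49 matches:", rules_matching("10.0.0.49", SAMPLE_RULES))
```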
 
Why would the WiFi connected devices not be able to respond the same way as my ethernet connected device as they are all in the included IP range?
It shouldn't make a difference within the same subnet. Although I've seen some funky routing issues in the past where my server "router" can connect to my cable modem interface / GUI but clients attached can't. Looking at the routes on the server looked fine, as did the routes on the clients. Sometimes there's an additional mechanism that blocks things. Now, e-mail being externally hosted would come down to rules usually.

There was a period of time a while back though that I had an issue with US-based servers not passing TLS and causing issues. I tested a few different countries to see if it was system wide on Nord's side or just one region. Well, I stumbled upon a couple of countries that worked just fine and used them while debating the issue with Nord. We went back and forth for maybe a month and a half on the issue and eventually it got resolved. Knowing that they use "live images" and not HW based storage for the OS / configuration led me to believe someone that makes the images borked a config within it. Since the scope of the issue was limited to certain regions pointed to the image being used.

Never did get a straight answer on what the resolution was. While testing though I tried different versions of the app for Linux to make sure it wasn't the SW on my side causing the issue. Oh, and the OVPN version worked but the nordlynx option didn't. But chopping BW by 50% to use OVPN domestically didn't make sense.
 
Not sure if this will make the difference, but *technically* your "All traffic" entry is incorrect. It should be 10.0.0.0/24. The firewall will accept this sort of error and handle it correctly, but the routing system tends to be more sensitive to this kind of error. To be on the safe side, you should correct it.
Thanks for the response. I did make the change you proposed but unfortunately it hasn't made any difference to the original problem - but thanks for the suggestion nevertheless.
 
It shouldn't make a difference within the same subnet. Although I've seen some funky routing issues in the past where my server "router" can connect to my cable modem interface / GUI but clients attached can't. Looking at the routes on the server looked fine, as did the routes on the clients. Sometimes there's an additional mechanism that blocks things. Now, e-mail being externally hosted would come down to rules usually.

There was a period of time a while back though that I had an issue with US-based servers not passing TLS and causing issues. I tested a few different countries to see if it was system wide on Nord's side or just one region. Well, I stumbled upon a couple of countries that worked just fine and used them while debating the issue with Nord. We went back and forth for maybe a month and a half on the issue and eventually it got resolved. Knowing that they use "live images" and not HW based storage for the OS / configuration led me to believe someone that makes the images borked a config within it. Since the scope of the issue was limited to certain regions pointed to the image being used.

Never did get a straight answer on what the resolution was. While testing though I tried different versions of the app for Linux to make sure it wasn't the SW on my side causing the issue. Oh, and the OVPN version worked but the nordlynx option didn't. But chopping BW by 50% to use OVPN domestically didn't make sense.
When I get the opportunity I might change the Nord server location to test out your theory/past experience to see if it is a problem with an image at their end.
Seems odd though that only the WiFi devices are having the issue though?! My 'gut' feeling is that it's within my router. I didn't really want to reset to factory and reload from scratch but might have to.

Having a VPN that I can't use if I want access to email full time, renders it useless. I'll keep tinkering unless there are more ideas from the experienced out there for me to try? Thanks.
 