GT-AX6000 (388.1) VPN Director killswitch useless?

eleVator

Occasional Visitor
Upgraded my router from RT-AC86U to a GT-AX6000 with now 388.1 merlinWRT and i just tested VPN Director+Killswitch.
Using vpnmgr with 2 nordVPN connections setup both run DNS Exclusive mode & VPN Director Policy Rules.
I noticed that 1 vpn was disconnected but the host using that connection still had internet bypassing the killswitch.
Disabled the second vpn client and the killswitch didn't hold.

After few more VPN on/offs and reboots VPN Exclusive mode isn't working either, something is bypassing it and ISP DNS is being accessed.


Was planing to setup up 2 piholes later today but now i have to understand what is going on here and start looking into killmon script i guess.

Other current settings:
Skynet
ipv6 is off
wifi is completely disabled
Unbound / Router / User defined DNS with routers IP
 
Last edited:

Viktor Jaep

Very Senior Member
Upgraded my router from RT-AC86U to a GT-AX6000 with now 388.1 merlinWRT and i just tested VPN Director+Killswitch.
Using vpnmgr with 2 nordVPN connections setup both run DNS Exclusive mode & VPN Director Policy Rules.
I noticed that 1 vpn was disconnected but the host using that connection still had internet bypassing the killswitch.
Disabled the second vpn client and the killswitch didn't hold.

After few more VPN on/offs and reboots VPN Exclusive mode isn't working either, something is bypassing it and ISP DNS is being accessed.


Was planing to setup up 2 piholes later today but now i have to understand what is going on here and start looking into killmon script i guess.

Other current settings:
Skynet
ipv6 is off
wifi is completely disabled
Unbound / Router / User defined DNS with routers IP
I'll have to find the reference, but from what I was able to gather, the killswitch functionality that's built-into the firmware only works if a vpn connection disconnects outside of its control/crashes... if you gracefully disconnect, then the killswitch doesn't work as advertised. Thus the need for killmon. ;) I'll see if I can find that and will update this post...

Here's a lot to read up on... ;) https://www.snbforums.com/threads/kill-switch-doesnt-work.74948/
 

eleVator

Occasional Visitor
the killswitch functionality that's built-into the firmware only works if a vpn connection disconnects outside of its control/crashes.
Thanks, i faintly remember reading that thread when i was dabbling around on my RT-AC86U.
Guess i will not be factory resetting and looking into your scripts next week, thanks for the reply and thanks for your scripts.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top