Diversion Is there anyway to get Diversion working with OpenVPN Client in Merlin 388.1 RT-AX88U?

[skeal]

By the way. If you select Cloudflare as your DNS, it will show in your leak test, but as a regional location used by all Cloudflare users in your part of the world.

 

[skeal]

Let me know if you need help with Wireguard. I run only Wireguard server and client. I also have a couple site to site OVPN clients.

 

[Skeptical.me]

Here is my DNS, I use Cloudflare because they don't keep logs of your DNS queries.
View attachment 46434View attachment 46435
The first screenshot is my DNS settings, the second screenshot is the item in the DNS DoT settings, where you select a preset DNS server.

Excellent, I've done all that and used 1.1.1.1 and now from all the devices I browse the web on I see Cloudflare DNS servers on ipleak.net, and Diversion is working. And because I have the Apple TV routered through a second VPN Client (in VPN Director) that has Accept DNS Configuration set to Exclusive, it is using the VPN's DNS and I'm able to use all the US Streaming apps on there.

So now the big bad ugly Government won't keep a record of every website I visit LOL

 

[skeal]

Next you need to bridge your ISP router and setup a guest wifi on the router. This will ensure that the people using it are managed by the router's QOS and won't disrupt what your watching on the AppleTV. I can help with that.

 

[Skeptical.me]

Next you need to bridge your ISP router and setup a guest wifi on the router. This will ensure that the people using it are managed by the router's QOS and won't disrupt what your watching on the AppleTV. I can help with that.

Okay, thanks for your help by the way. I appreciate it a lot.

I know how to bridge my ISP's modem/router, but I don't know how to do the rest. However, first I have to make sure my RT-AX88U's WiFi Signal reaches the front of the house where my brother and his son live, and I live up the back of the house, the ISP Modem/router/wifi is at the front of the house and the RT-AX88U is in my room at the back.

 

[skeal]

Okay, thanks for your help by the way. I appreciate it a lot.

I know how to bridge my ISP's modem/router, but I don't know how to do the rest. However, first I have to make sure my RT-AX88U's WiFi Signal reaches the front of the house where my brother and his son live, and I live up the back of the house, the ISP Modem/router/wifi is at the front of the house and the RT-AX88U is in my room at the back.

I see. You may not want to then. You need a mesh node now...hahaha.

 

[skeal]

You could setup a guest network on your router and ask your brother to test. You wouldn't be doing any special work to get it going. Your brother however would need to change the wifi source SSID he is using to the guest one you just setup.

 

[arkywein]

Yes, I run a Wireguard Server, and a client on my AX88U. I route the Wireguard server connected clients, through my Wireguard client connected to Torguard. If the Wireguard client and DNS Director is setup right this all works well. I am however having trouble accessing LAN devices. For example I can't view my routers webui, when connected to my Wireguard server. I'm pursuing a solution as we speak.

Could you please help me set this up right?
I have a VPN server (WireGuard) on my AX58U. I have a static IP and everything works well, I can connect to it from a remote device. I also have a VPN Client setup on my router that connects to a commercial VPN (Mullvad). I would like all clients that are connected to my router's VPN server be rerouted through my Mullvad VPN client (I believe this is called two-hop or double VPN).
What do I need to do to make this work?

UPD
I think I figured it out. I added a rule to the VPN Director to redirect an internal IP address of my client (10.6.0.2) to one of the Mullvad client, like so:

Let me know if you've done it differently.

 

[Skeptical.me]

I see. You may not want to then. You need a mesh node now...hahaha.

I'm going to buy an AiMesh compatible RT-AX55U on the 28th and set it up, I'll probably contact you after it arrives LOL

 

[skeal]

Could you please help me set this up right?
I have a VPN server (WireGuard) on my AX58U. I have a static IP and everything works well, I can connect to it from a remote device. I also have a VPN Client setup on my router that connects to a commercial VPN (Mullvad). I would like all clients that are connected to my router's VPN server be rerouted through my Mullvad VPN client (I believe this is called two-hop or double VPN).
What do I need to do to make this work?

UPD
I think I figured it out. I added a rule to the VPN Director to redirect an internal IP address of my client (10.6.0.2) to one of the Mullvad client, like so:
View attachment 46448
Let me know if you've done it differently.

That's what I do.

 

[skeal]

I'm going to buy an AiMesh compatible RT-AX55U on the 28th and set it up, I'll probably contact you after it arrives LOL

Absolutely, you can message me if you want.

 

[Skeptical.me]

Absolutely, you can message me if you want.

In WAN is Forward local domain queries to upstream DNS supposed to be set to YES in order for the DNS over TLS to work AND Diversion work also?

 

[Skeptical.me]

If DNS Director is set to Router, then all your connected clients will use the DoT settings. If you need a device to use a different DNS server because of a VPN then you would add the device and it's specific DNS to the DNS Director clients list. Something like this:
View attachment 46436

What I do to use the ExpressVPN DNS servers is set one OpenVPN Client‘s Accept DNS Configuration to Exclusive and in VPN Director route two devices through it. When I do a DNS Leak test I see ExpressVPNs DNS servers. And for devices routed through another OpenVPN Client, and devices routed through the WAN I see Cloudflares DNS Servers. And Diversion works with these.

But on the two devices routed through the OpenVPN Client where I see the ExpressVPN DNS Servers with Accept DNS Configuration is set to Exclusive … Diversion doesn’t work on those devices, which is fine.

 

[skeal]

In WAN is Forward local domain queries to upstream DNS supposed to be set to YES in order for the DNS over TLS to work AND Diversion work also?

Leave that set to no.

 

[skeal]

But on the two devices routed through the OpenVPN Client where I see the ExpressVPN DNS Servers with Accept DNS Configuration is set to Exclusive … Diversion doesn’t work on those devices, which is fine.

Yes, this is normal behavior.

 

[Skeptical.me]

Yes, this is normal behavior.

For the AiMesh router we discussed, I was going to get an RT-AX55 but I just ordered an RT-AX58U for $120USD ($179AUD) from Amazon Australia … I thought that seemed like a good price. Once I get that I’ll be able to set up AiMesh and then set up guest wifi for my brother, and put my ISP router in bridge mode.