Killswitch - has it been triggered?

[DaveSmeghead]

Hi,

I've been using Merlin for several months now and I've read posts in this forum, but this is my first post so please be gentle with me

I'm running 386.3_2 on a RT-AX86U using NordVPN and I've set up a single VPN Client, I have "Killswitch - Block routed clients if tunnel goes down" set to yes. I'm having connection problems, maybe once or twice a week, the external WAN Internet connection stops. A reboot of the router sorts it and I have "Automatic start at boot time" set to yes for the VPN Client so it all starts working again.

How can I tell, by looking at the routers web page (and not the log file as I don't understand any of it), that the killswitch has been triggered? When the connection stops working, before rebooting manually I've loooked at the VPN Director page and that seems normal, the VPN Client page seems normal. Is there somewhere that tells me if the killswitch has been enacted?

I've looked through the documentation and several forum posts about the killswitch and I haven't found anything, so if there is and I've missed it could you post a link please.

Any help would be appreciated
Thanks

 

[eibgrad]

I'm NOT aware of anything on the GUI, but at least within the relevant underlying data structures, you'll see the routing table for that OpenVPN client (ovpnc1, ovpnc2, etc.) will show "prohibit default" for the default route.

admin@lab-merlin1:/tmp/home/root# ip route show table ovpnc2
148.72.173.30 via 192.168.63.1 dev vlan2
192.168.63.1 dev vlan2  proto kernel  scope link
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.1
192.168.63.0/24 dev vlan2  proto kernel  scope link  src 192.168.63.102
192.168.61.0/24 via 192.168.63.1 dev vlan2  metric 1
127.0.0.0/8 dev lo  scope link
prohibit default

That routing table is functionally useless for internet access at that point.

 

[DaveSmeghead]

Thanks for replying and helping me out with this, I see what you mean. I'll give what you suggest a try the next time it stops working, I'm not sure it is the killswitch that's doing it so this will tell me.

Thinking about it though, if the killswitch is triggered and the VPN is stopped, what can I do? There should be an option in the GUI to restart the router if the killswitch is triggered. This way it could automatically re-establish the VPN connection.

 

[RMerlin]

Thinking about it though, if the killswitch is triggered and the VPN is stopped, what can I do? There should be an option in the GUI to restart the router if the killswitch is triggered. This way it could automatically re-establish the VPN connection.

Your VPN client should already be attempting to reconnect itself. If it fails to reconnect, then a reboot is unlikely to resolve the issue.

 

[DaveSmeghead]

Is there any way that I can tell when the VPN Client is attempting to reconnect? Is there anything in the log file? Does it try continually (forever) or does it try X number of times and then give up?

 

[RMerlin]

Is there any way that I can tell when the VPN Client is attempting to reconnect? Is there anything in the log file? Does it try continually (forever) or does it try X number of times and then give up?

It will be in the logfile. How long it retries will depend on how you configured it.