already published in englishNo hablo espanol aqui.
Both IPs belong to Surfshark VPN.
yes correct but it should give the same ip above it should be like this photo which is also from surfshark but the difference is that 386.3.2 directs traffic to the same ip Spain and in 386.5 it sends ip to another location that is a leakBoth IPs belong to Surfshark VPN.
I send you how I have configured the dns in wan and lan look like this I have it and in 386.3.2 there is no problem and in 386.4 onwards something changes in the asus merlin source code.Hard to be sure without having details about the OP's DNS and VPN configuration, but one difference between 386.4 and beyond, compare to everything prior to 386.4, is that ASUS now statically binds your DNS as defined on the WAN, to the WAN! And that could result in DNS leaks given certain DNS and VPN configuration settings. But it's impossible to know without having all those other details.
Also, considering using my DNS leak testing tool.
Tutorial - How to monitor DNS traffic in real-time
Been following this thread. I recall many questions about leaving DNS Server 1/DNS Server 2 blank was answered moons ago. @RMerlin 's guidance was: "do not leave'm blank or NTP and other time dependent services (VPNs, ...) cannot start properly." What did I miss? We are concerned that the...www.snbforums.com
As I explain in that link, trying to assess the results of DNS leak testing tools *outside* your own environment can be very difficult. At the very least, you should now what's happening *within* the confines of your router first, since that's the one thing you can control. Worry about what these online DNS leak testing tools are telling you later (many times they are just plain wrong).
I send you how I have configured the dns in wan and lan look like this I have it and in 386.3.2 there is no problem and in 386.4 onwards something changes in the asus merlin source code.
Yes, to the letter, I configured everything correctly and that is why when I am in version 386.3.2 everything is correct and when with the same configuration it goes to version 386.5 there is already a leak""" that you need to find one solution?As I said, NOW ASUS is statically binding whatever DNS you have defined on the WAN, to the WAN! And that has the potential to lead to DNS leaks. But I can only say *potential* at this point since I have NO IDEA how you configured DNS wrt your OpenVPN client!
IOW, we can't just look at the tiny bit of information you've provided and draw any hard conclusions as to why these online DNS leak testing tools are reporting a problem. We have to see how you configured the OpenVPN, esp. the "Accept DNS Configuration" option.
Did you follow a specific set of instructions from SurfShark? Do you have the link?
Yes, to the letter, I configured everything correctly and that is why when I am in version 386.3.2 everything is correct and when with the same configuration it goes to version 386.5 there is already a leak""" that you need to find one solution?
I configured as indicated by a surfshark agent, he said he should use his dns in the wan and lan. that asus change only affects asus merlin for example the gs-ax3000 router with vpn fusion this error does not occur. if i use vpn managerI will assume you used the following link when configuring SurfShark.
I don't see anywhere where it tells you to assign those (apparently) SurfShark DNS servers to the WAN. But we'll put that aside for the moment.
As I keep saying, since 386.4, those DNS servers will be *BOUND TO THE WAN*! So that's something NEW you have to take into consideration that wasn't a problem before.
Are you presently using the VPN Director to manage access to the OpenVPN client?
I already found the problem now in wan you cannot use manual dns you have to leave it in automatic at last.P.S. I should make clear that *I* consider it a DNS leak if your preferred DNS servers are accessed over the WAN. IOW, it's NOT enough (imo) to just avoid using the ISP's DNS servers. If you use alternative DNS servers from the VPN provider, but they are accessed over the WAN rather than the VPN, then the ISP can still eavesdrop on your DNS traffic, or worse, hijack it back to his own DNS servers. That's why I keep harping on this issue of the WAN DNS servers being statically bound to the WAN.
I configured as indicated by a surfshark agent, he said he should use his dns in the wan and lan. that asus change only affects asus merlin for example the gs-ax3000 router with vpn fusion this error does not occur. if i use vpn manager
admin@lab-merlin1:/tmp/home/root# ip route
1.0.0.1 via 192.168.63.1 dev eth0 metric 1
1.1.1.1 via 192.168.63.1 dev eth0 metric 1
192.168.63.1 dev eth0 proto kernel scope link
192.168.4.0/24 dev wl0.3 proto kernel scope link src 192.168.4.1
10.8.0.0/24 dev tun21 proto kernel scope link src 10.8.0.1
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1
192.168.63.0/24 dev eth0 proto kernel scope link src 192.168.63.102
192.168.61.0/24 via 192.168.63.1 dev eth0 metric 1
127.0.0.0/8 dev lo scope link
default via 192.168.63.1 dev eth0
I already found the problem now in wan you cannot use manual dns you have to leave it in automatic at last.
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!