Chewie420
Regular Contributor
Hey, it's me again, the new guy that is lost lol. Sorry for the long post but I wanted to give as much info as I could. I had a lot of help on my last post trying to get Skynet and Diversion installed so I thought I would try this as well.
So this issue is driving me crazy but I am not a networking guy so it is very possible I have misconfigured something in my setup. I am so close to having everything the way I want.
I will let you know everything I have done because I'm not sure where to start and what info is relevant to helping ... so here it goes.
Got a new Asus RT-AX88U router. Love it, but I have so many IoT and other devices I knew it would be a pain to set up the way I wanted.
I have my hard-wired devices, then I have my 5 GHz and 2.4 GHz wireless networks along with 2 isolated Guest WiFi networks for my IoT devices. Had the Asus firmware settings configured and they seemed to be working great.
Had some issues with the VPN client set on the router so I was told to try out Merlin (https://www.asuswrt-merlin.net/), so I installed 385.14, then a day later .15 came out and fixed my WPA3 issue, what luck. After reading about Merlin, it did open the door to some cool stuff. I stumbled on amtm (https://diversion.ch/amtm.html) and fumbled around and got Skynet and Diversion. Pretty much using default settings but as far as I can tell no issues with those.
I also have a DDNS service running on my router with no-ip.org, I am using the DoH settings in Merlin set to Quad9 DNS servers (9.9.9.9 & 149.112.112.112) and I also have an OpenVPN server running on my Raspberry Pi hardwired on my network with port forwarding to it.
Everything is working the way I want: I am getting no DNS leaks (https://www.dnsleaktest.com/results.html), my phone is able to use the OpenVPN client I set up to connect back and access network resources, and all my devices connected to LAN, WiFi or Guest WiFi are getting ads blocked (https://ads-blocker.com/testing/#ad-blocker-test-steps). Guest WiFi is slow for blocking ads and I am guessing it can't access the cert server I set up because I have isolated guest networks from talking to others. Anyway, I am OK with that for now.
Everything works until I use my VPN client on the router to connect to my provider. I get connected and when using whatismyip.com it shows the VPN IP, but I no longer can use my OpenVPN on my phone to remote into my network and I get a red light on the WAN of my router that goes on and off even though I still appear to be online. When the red light is on the router, the WAN icon in Merlin is greyed out as well, but when I hover over it, it says connected with the IP of my VPN provider's server.
Is this where I am going wrong? I thought I had it working before but could be wrong. With DDNS activated, is it OK for me to be connected to my VPN service on my router and also connect back home using VPN on my Pi? I could be wrong and it might not even be possible the way I am doing it.
I have been playing with this router since I got it two weeks ago and just want things to work now lol. All I really want to do is be able to have my router always connected to the VPN client and be able to VPN back in to my network when I am not home so I can access my local resources.
Everything else has worked great: DHCP IP ranges set up the way I want with isolated guest networks, DoH, network-wide ad-block. I am soooo close to having it the way I was hoping.
I really have learned a lot but I am at the point where I don't know what to do. The VPN service seems to be working fine other than not allowing me to VPN back in and the fact that the red light comes on and goes back to white randomly, and everything else works the way I want if I don't turn on the VPN client on the router.
I know this is a very specific setup, just thought this would be the place to ask. Any suggestions I will gladly try.