What's new

Question on VPN effectiveness of Asus RT-AC86U to BWG210-700 modem/router

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Charizard1776

New Around Here
Sorry for long post, but wanted to provide some background and how I have my routers setup...

I have ATT as my ISP who provides the BWG210-700 modem/router combo for my internet connection.

I picked up an Asus AC86U and have installed the latest Merlin firmware with the goal of using this router as my VPN connection to mask my location.

The AC86U is connected to the BWG210 router using an ethernet cable going from the WAN port on the AC86U to one of the 4 lan port on the BWG210 router. I went thru the Asus setup and installed the latest AC86U Asus Merlin firmware and it seems to be working as I'm able to access the internet on a laptop connected to the AC86U router thru wifi.

From there, I used an .ovpn file to configure my Asus-Merlin VPN client connection and logged in using my VPN service provider's login information. It think I've successfully setup my VPN connection in the Asus-Merlin firmware using my VPN service subscription because when I go to ipleak.net, it shows my location being in the country I have my VPN connected to.

My question is: Since my VPN (Asus AC86U router) is setup "downstream" of the modem/router (BWG210), is my VPN really working? Can my location still be traced/leaked since there's no VPN connection setup on the BWG210 modem/router?

Thanks in advance!
 
My question is: Since my VPN (Asus AC86U router) is setup "downstream" of the modem/router (BWG210), is my VPN really working? Can my location still be traced/leaked since there's no VPN connection setup on the BWG210 modem/router?
The fact that your Asus is behind another router makes no difference in this case. Because all your traffic is being routed through your VPN provider's servers once it exits their servers onto the wider internet it appears to be coming from the VPN provider's IP address (because it is). The only people that can link the "fake" IP address with your real IP address is the VPN provider.

Of course your ISP (and the NSA, etc.) can see that there is a VPN connection between you and the VPN provider's servers, but they can't examine the traffic because it's encrypted.
 
The fact that your Asus is behind another router makes no difference in this case. Because all your traffic is being routed through your VPN provider's servers once it exits their servers onto the wider internet it appears to be coming from the VPN provider's IP address (because it is). The only people that can link the "fake" IP address with your real IP address is the VPN provider.

Of course your ISP (and the NSA, etc.) can see that there is a VPN connection between you and the VPN provider's servers, but they can't examine the traffic because it's encrypted.
I'm willing to bet that the NSA can see past your VPN and see exactly what we get up to
 
no, only reason I wanted to understand whom you mean, there are often words or names I totally misunderstand due to my poor english, so I asked. Maybe there is another person I dont know ...
PS: Or for some dubious reason it is necessary to encrypt his name.
 
Last edited:
no, only reason I wanted to understand whom you mean, there are often words or names I totally misunderstand due to my poor english, so I asked. Maybe there is another person I dont know ...
Oh sorry I thought you were having fun with me my apologies but yes id mean Julian assange
 
thank you for the quick and helpful answer. sounds like i'm set and dont need to change anything

Is there a reason to keep ISP modem/router as a router?
Check if there is a way to turn it into a modem only. You can skip the double NAT this way.
 
Whats the down side of double Nat? Slower speed?

I have non critical devices connected to the modem/router and critical devices connected to the downstream Asus VPN router...

I didn't want to connect more devices than necessary to the VPN enabled Asus router thinking that's better for performance, but I'm new to this...

My VPN is also setup thru a other country which makes online shopping harder when the home page is defaulted to that country's language.
 
Last edited:
Whats the down side of double Nat? Slower speed?

May cause issues with port opening (UPnP), secure sites (SSL), connecting to VPN, access to second router (DDNS), etc. You can connect all devices to one router (ASUS) and send selected ones only through VPN using Policy Rules. The rest will connect through WAN, just like before. All the information how to do it is available here on SNB.
 
Thanks. I think I'll give that a try (i.e., disable my router of my BWG210-700 modem/router).

What is the proper/best way to disable my router of my BWG210-700 modem/router device and have my Asus AC86U as the primary router? In my reading, I come across people saying to do "IP Passthrough", "Bridge mode", and "cascaded routing" but i'm not sure what all this means...

Here's also a screenshot of the BWG210 modem/router's menus. I'm not clear what I punch into each field... thanks again for the help and apologize for the ignorant questions!
 

Attachments

  • Capture.PNG
    Capture.PNG
    198.6 KB · Views: 307
  • tempsnip.gif
    tempsnip.gif
    47.1 KB · Views: 354

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top