What's new

RT-AC5300_386.3_2 - VPN Kill Switch not working

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

j14t56

New Around Here
I tested and when VPN is OFF, VPN kill switch is not working and traffic going through. I have downgraded to RT-AC5300_386.2_4 and is working again. Please fix.
 
 
Last edited:
di you read RMerlin change log for 386.3?

NEW: Introducing VPN Director, which replaces the original
policy routing management interface for OpenVPN clients.
A bit similar to Asus's own VPN Fusion, OpenVPN routing
rules are now managed through a central web interface,
and they are stored in JFFS instead of nvram, to allow
creating more rules, and free up some nvram for
nvram-limited devices such as the RT-AC68U.
See the Wiki for more information.
- The kill switch can now be used in both "Yes" and
"VPN Director" routing modes
- Manually stopping a client will remove the kill
switch. It will now only be applied at boot time
(if client was set to start at boot), or if the
tunnel is disconnected through a non-user event
 
When rebooting router (scheduled) my VPN often goes to OFF even though set to start after reboot. All computers exposed during this time. I will stay at previous version.
 
Ok. But as I stated in that other link, you *could* implement your own kill switch, one that behaves more like the old one. It's not that difficult, esp. if you're NOT using routing policy rules. Sooner or later, you're likely to update for other reasons and have to deal with the problem, because I don't see things ever changing back. Your choice.
 
there is just one way your devices would be 100% protected - when you disconnect your PC from internet :)

no upgrading to new FW for your router it definitely will not allow you to stay secured. Those all fix and module/soft updates are not because some1 have to much time and decided to release new version. Very often there are security back doors etc. Like for example wi-fi frag attack etc.
 
Thank-you for the replies.

I do not use WiFi on AC-5300 (I have other equipment for this) or any of the other features of the firmware. Only use of router is for DHCP assignment and VPN for certain IPs via Policy. Everything else is disabled.

I noticed DD-WRT is out for 5300. I will install that instead.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top