What's new

RT N66U with AC86U LAN to WAN connection.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Brainstorm

Regular Contributor
I have currently got an RT N66U connected to my ISP, with an AC86U downstream connected LAN to WAN. They're about 10 metres apart, and every few days it appears that wireless access gets screwed up and I have to reboot one or the other or both for all 4 signals to begin working again. I've tried them on auto and manually selected wireless control channels, but it doesn't seem to make much difference. Is it possible the wireless signals are interfering with each other? The other issue I have is that if I connect to the AC86U wireless, I can't connect to my printer which is connected to the RT N66U. I'm sure I've seen an answer to that somewhere, and I've tried adding a static route to the N66U which works when I'm not using a vpn, but if I turn on a vpn on the AC86U, it stops working, and once again I can't access the printer.
Also, I note on the AC86U, I can have more than one vpn active at the same time. How does that work? Does it work? Are they prioritised somehow? I'm new here, a friend advised me to give you a try as there was some good expertise in these forums.
 
Connect your AC86U as main router, it's a much better router. Convert the N66U to an access point. Devices connected to both routers will be on the same subnet and your printer sharing issue will disappear. To avoid interference and maximize throughput - set AC86U Wi-Fi on channels 1 for 2.4GHz and 36 for 5GHz, N66U on channels 11 for 2.4GHz and 149 for 5GHz. Find the best channels for your place, but you get the idea. Use separate SSIDs for the two bands, but with the same name per band on each router. Fix the Wi-Fi first and we'll get to the VPN connections.
 
Last edited:
Hi Tech9. Thanks for the speedy reply. To be honest, I'm playing around here, trying to learn something about IP and routing. I've already tried your suggestions regarding the wifi. What I've found is if I put more distance between the 2 routers, problems are far less prevalent, but still occur every now and again. Symptoms are a lot of my devices can only see one of the routers signals, particularly the 5mhz band, and signals come and go as I'm looking at the available wifi. This happens less when the routers are further apart.
My final config will probably be just the AC86U facing the ISP connection, I have cat5 installed to connect a lot of devices without wifi, but just for testing purposes, I wanted to go LAN to WAN, keeping the router functions on both routers working, creating different subnets, and trying to get things working, to improve my routing/ip knowledge. I've moved the routers further apart, configured the wifi as you suggest. Is there any way I can make the IP/Routing/Printer/Router access work with the config I have? I've tried a few things myself (nothing has worked as I wanted), but whilst I'm testing, rebooting, changing things, my other half gets fairly irate when she's trying to work from home and the internet is going up and down like the proverbial.....so what I really need is fixes I can reverse engineer to work out what's happening..
 
You may end up with double/triple NAT situation with more issues than your printer. What's the ISP equipment - is it a modem or a modem/router? I believe your AC86U is all you need. Can you see AC86U's WI-Fi networks everywhere inside your home?
 
My internet comes as a cat5 connection, with a 10.x.x.x address, so I've taken your advice and connected the AC86U directly, with no N66U downstream. Everything seems to be working ok. The AC86U is running Merlin firmware, and I'm intrigued to know how having more than one vpn at the same time works. Also, if the ISP is natt'ing, can I turn it off on my router?
 
My internet comes as a cat5 connection, with a 10.x.x.x address

That's a private IP range. You can use VPN clients, but not run VPN servers. You'll need ports open for your VPN servers on whatever is providing Internet for you. You can't do that on your router. Multiple clients in Asuswrt-Merlin is not a problem, but you need manual IP assignments for your clients and policy-based routing to assign specific clients to different VPN connections, if that's your goal. How to do that is described here, with examples:

 
Thanks Colin.
Using Merlin, is it possible to create policy rules based on domain name rather than ip address?
 
With policy rules you have to route by host IP address not domains. See this post for an explanation. However you could use a Merlin add-on like x3mRouting for domains that resolve to multiple/changing IP addresses (like amazon.com).
 
Last edited:
One more question....will x3mRouting work with commercial vpn providers ie ExpressVpn and Nord? I don't want to load it up to find I have to create both client AND server functions... as Tech9 said I won't be able to run a server with my ISP supplied 10.x.x.x address
 
Thanks Colin. Looking through some of the forum details regarding x3mRouting, would it be fair to say I could achieve the same results if I used nslookup and added a rule for every ip address I found relating to a particular service? Obviously using domain names is more robust, especially if the addresses are likely to change regularly, but is my theory viable?
 
Thanks Colin. Looking through some of the forum details regarding x3mRouting, would it be fair to say I could achieve the same results if I used nslookup and added a rule for every ip address I found relating to a particular service? Obviously using domain names is more robust, especially if the addresses are likely to change regularly, but is my theory viable?
Yes that is correct.
 
Why do you need all this on a router, @Brainstorm? What's the idea?
Tech9. Not sure I should be telling you this, 'cos it's not exactly 'de rigueur', but here goes anyway. I hope you're not the TV/VPN police.....I DO pay my UK TV Licence,,,,,
Due to my job, I'm recently spending more and more time abroad, and I miss my UK TV. I'm currently in eastern europe, long term, and I want BBC particularly, but also ITV, Britbox, Now TV for F1, Disney plus, Prime, Netflix etc...
Each of these hosts has different requirements. I'm using Express and Nordvpn, but Britbox, for example, only works with Express. ITV works with Express Mediastreamer (No VPN connection), NOW TV works much better with Nord than with Express. Disney works with Express Mediastreamer, but if I accidentally log in while a vpn is connected, Disney spots it and it's a long painful process to resolve the issue and log back in. Express UK servers particularly are sometimes very slow, and their access to the BBC was blocked almost a year ago now, and they still haven't recovered. Same with Amazon prime. I can connect, but it buffers. A lot.
I want to watch on my smart TV. I have managed to geo relocate that so it thinks it's the UK (I bought it here), I have a UK Roku stick, and, back in the UK, I have an Amazon Firestick waiting for me which supports UK Expat VPN, which might be the answer to all my problems, (TV related, anyway) but I can't currently get back to the UK to get it.
With the TV, if I switch one vpn off and another one on on the router, the IP address changes but I get DNS exposure. I have to drop the TV wifi and reconnect for the TV IP and DNS to catch up.
I CAN do everything I want. Some things I can watch on laptop or iphone, some I can cast to the TV, some I can watch on Roku, some using the apps on the tv. But it's a LOT of fiddling about.
I'm hoping that if I could route each service by domain name down the WAN, or the vpn it needs to use to work properly, I can set it up and leave it all alone.
And I have a little bit of comms experience and a little bit of Unix experience, I have lots of time on my hands, and I like to play. Dangerous, I know.
I have considered setting up a vpn server at my UK address, but I'm not sure how or if that would work. I wasn't aware that a private ip address would negate that. Would I get anything else from a UK ISP? And also upload download speeds. Currently here I get 500mbps both ways, and it's cheap and fairly reliable, but I'm not sure UK services are anywhere that fast for the price...
 
x3mRouting question....


#########################################################
# Assign the interface for each LAN client by entering #
# the appropriate interface number in the first column #
# 0 = WAN #
# 1 = OVPNC1 #
# 2 = OVPNC2 #
# 3 = OVPNC3 #
# 4 = OVPNC4 #
# 5 = OVPNC5 #
#########################################################
0 192.168.1.150 SamsungTV
1 192.168.1.151 Samsung-Phone
2 192.168.1.152 Asus-Laptop
2 192.168.1.153 iPad
1 192.168.1.154 Lenovo-Laptop

Does this mean I can only route a device to a vpn? I want to route different apps on the TV/Roku to different vpn's, is that possible?
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top