Slow speeds and some websites/apps don't work post VPN Director

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

dcballers

Occasional Visitor
I have been using VPN Director to tunnel specific devices through various OpenVPN clients. This works great. However, when I disable a rule to stop tunneling a device, the internet connection is messed up. Many sites take a very long time to load, sometimes not at all, and many apps are very laggy.

I can't figure out a pattern of which sites/apps work and don't. For example, when I am tunneling my phone through VPN everything works well. Then I disable that policy rule and nytimes and google take forever to load, speediest.net stalls out completely, discord works but gives me a "connecting..." notification for a few seconds every time I open it, WeatherBug sometimes won't load at all.

Rebooting phone and router do not help. I am on a AC86U with most recent Merlin 386.3_2.

What might be causing this and how can I fix it? Thank you!
 

RMerlin

Asuswrt-Merlin dev
Test by running traceroute on the affected clients.

Also double check your DNS configuration to ensure your non-routed clients are properly using a public DNS.
 

dcballers

Occasional Visitor
Thanks for the quick response. I'm trying my best but still learning here and will need to look into how to run a Traceroute. Re: the DNS config, what/where should I be checking? Here's what I have under WAN.

Screen Shot 2021-08-24 at 10.52.17 PM.png
 

RMerlin

Asuswrt-Merlin dev
Thanks for the quick response. I'm trying my best but still learning here and will need to look into how to run a Traceroute
Under Windows, simply open a command prompt, then run the desired trace, for example:

Code:
tracert www.google.com

That will show you which VPN tunnel is being used by that client to reach www.google.com.
 

dcballers

Occasional Visitor
Thanks. Things are bad right now, in that I can't access any sites or apps off VPN so I'm not sure how helpful these results will be, but here we go.
I opened a terminal shell only my Mac and did:
t
Code:
traceroute www.google.com
All seems good while on VPN. It returned:
traceroute to www.google.com (142.251.32.196), 64 hops max, 52 byte packets
followed by a list of ip addresses and timestamps, all around 45-50ms

However, when I go off the VPN things are really bad and I can't access any websites. This time the command returns:
traceroute: unknown host www.google.com

I downloaded an app to do Traceroute on my phone and similar thing. All was good while on VPN. I went off VPN and get an "Invalid host name or IP address. Please check your Server Name"

What do you suggest?
 

RMerlin

Asuswrt-Merlin dev
However, when I go off the VPN things are really bad and I can't access any websites. This time the command returns:
That would indicate your issue is quite possibly related to the DNS, because it's unable to complete name resolution.

Make sure you set DNS Mode to "Exclusive" on your VPN client config page, so that way only LAN clients configured to use the VPN will be using the VPN's DNS server.
 

dcballers

Occasional Visitor
Wow, thank you! I think that did the trick. I had them set to "Strict" and so far haven't had any issues going off VPN since switching them over to "Exclusive."

I had thought the DNS Mode on the VPN client config page only had an impact on devices using that VPN. Didn't realize it could impact devices *not* using it. Very interesting.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top