1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Suggestion: could VPN client kill-switch distinguish between connection dropping & being turned off?

Discussion in 'Asuswrt-Merlin' started by Shasarak, Oct 18, 2018.

  1. Shasarak

    Shasarak Occasional Visitor

    Joined:
    May 17, 2018
    Messages:
    38
    I realise this would probably be far more trouble than it's worth, but if you never ask, you never get. :)

    I find the kill-switch function on VPN clients rather unintuitive. I have several VPN client connections set up, with routing policies to enable them only for one or two specific devices. One device will only use one VPN connection at a time, and only one VPN is active at any one time, but different VPN connections are active at different times, and the device is routed through whichever is the active one.

    It took me a while to figure out that a device being routed through a VPN connection by a policy will be blocked (if the kill-switch is on), even if that connection is currently deliberately turned off.

    With a single client device, you can make this work by only setting the final VPN connection to use the kill-switch; so the router tries each connection in turn until it finds one that works, or it hits the last one and then blocks if that isn't up.

    But if you imagine two devices using three connections: device A using either connection 1 or connection 2, and device B using either connection 2 or 3; at that point you have to resort to scripting to make it work.

    What I'd like is for the kill-switch function to be able to distinguish between a VPN client connection spontaneously dropping and the connection being deliberately switched off in the web UI. If the connection is switched off on purpose, then all of its routing policies should be ignored, and its kill-switch setting ignored as well.
     
  2. Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!
Please support SNBForums! Just click on this link before you buy something from Amazon and we'll get a small commission on anything you buy. Thanks!