Unable to get rid of WAN IP from VPN connection that no longer exists

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

dealwithit

New Around Here
I can't get rid of the WAN IP that was set by a VPN connection that was since removed.

Background
I set up a VPN client on my RT-AC68W after installing merlin v384 (I think 384?). All was fine for awhile, but I needed to remove the VPN client to solve some issues with some hosts that block traffic from my VPN.

What I've tried
Switched off all OpenVPN clients. No effect.
Removed all VPN Client PPTP/L2TP profiles. No effect.
Power cycled modem & router in different order. No effect.
Tried switching WAN off/on from the admin interface. No effect.
Tried turning WAN off/on using a command I saw in one of the threads here. No effect.
Connected directly to modem, bypassing the router, and verified the IP address of the modem is correctly set by my ISP.
Connected back to the modem, logged in, and confirmed WAN IP was still from the old disabled VPN.
Reset (power off, hold WPS button, power on, keep holding until power led blinks) No effect.
Install new firmware 386.1_2 No effect.
Reset again (power off, hold WPS button, power on, keep holding until power led blinks) No effect.
Checked WAN IP. Still the old one.
Checked VPN client settings; I still see the data cypher and some settings on VPN Client 2. This surprised me since all other settings seemed to be reset (i.e., I had to set login info, reset SSID name and pass, etc).

I searched for similar issues from others, but the closest I could find was about release/renew the WAN IP (which I tried, to no effect).

I'm at a loss on what to do next. Why does the router keep the old VPN IP? How can I delete that for all eternity?

Much appreciated for the help/guidance.

Thanks,
Matthew
 

RMerlin

Asuswrt-Merlin dev
The WAN IP reported by the router has absolutely nothing to do with VPN clients, it's what it gets either from your ISP, or whatever device you have installed in front of your router.
 

dealwithit

New Around Here
Thank you for the quick reply.

Hmnm.

When I connect directly to the modem, the public ip shows as correct when visiting whatsmyip, and other similar sites.
When I connect through the modem, the modem's WAN ip shows as the one from my old VPN server (and the same public ip shows when visiting whatsmyip and other sites).

I do not have a VPN client installed on my local machines. Nor do I have any settings in my hosts file.

To be clear, I set up the VPN client on the router, not on my computer directly. So, the router had the VPN client set up, and all traffic routed through the VPN connection there.

Now, that VPN's IP address is stuck as my WAN IP.

I called my ISP. They do not know where that WAN IP comes from. It's not one of theirs, and it's not the one being sent to the modem.

Maybe I've misunderstood how this all comes together? I would show a screenshot of the VPN profile that had this IP as the VPN server IP. But, that profile no longer exists. This is what confuses me.
 

Attachments

  • Screen Shot 2021-03-18 at 5.13.52 PM.png
    Screen Shot 2021-03-18 at 5.13.52 PM.png
    311.8 KB · Views: 42
  • Screen Shot 2021-03-18 at 5.14.49 PM.png
    Screen Shot 2021-03-18 at 5.14.49 PM.png
    347.1 KB · Views: 48

ColinTaylor

Part of the Furniture
When I connect directly to the modem, the public ip shows as correct when visiting whatsmyip, and other similar sites.
When I connect through the modem, the modem's WAN ip shows as the one from my old VPN server..
I think you have misunderstood what's happening. The public IP address will change depending of the MAC address of the device connected to your modem. So your PC will get one address and your router will get a different address, because they have different MAC addresses. This has nothing to do with VPNs.
 

dealwithit

New Around Here
Hmm.

But if I'm connecting through the modem, my individual devices shouldn't have their own public IP address that's in a completely different range, right (200.x.x.x from ISP when connecting through the modem directly vs 137.x.x.x from all devices when connecting through the router)? In the past, when I would check my public IP, that public IP would be the same regardless of the device I would use. This is what I expect by having NAT enabled and WAN DMZ disabled.

Devices -> Router -> Modem -> World

From the world's perspective, given these settings, they should only see the IP address assigned to the modem, right?
 

ColinTaylor

Part of the Furniture
Hmm.

But if I'm connecting through the modem, my individual devices shouldn't have their own public IP address that's in a completely different range, right (200.x.x.x from ISP when connecting through the modem directly vs 137.x.x.x from all devices when connecting through the router)?
Large ISPs have multiple non-contiguous blocks of IP addresses. It is quite common for an ISP to assign addresses that are in completely different ranges.

In the past, when I would check my public IP, that public IP would be the same regardless of the device I would use. This is what I expect by having NAT enabled and WAN DMZ disabled.

Devices -> Router -> Modem -> World

From the world's perspective, given these settings, they should only see the IP address assigned to the modem, right?
EDIT: They see the IP address issued by your ISP to the router through the modem, not an address assigned to the modem.

The 137.25 address range is owned by Charter Communications aka Spectrum.
 
Last edited:

ColinTaylor

Part of the Furniture
Alternatively, log into your router with the same PC that you had previously used to connect directly to the modem (using Ethernet), the one that gave you the 200 address. Navigate to WAN > Internet Connection > MAC Address and click the MAC Clone button. Your PC's MAC address should appear in the box to the left. Apply that change and your router should reboot. You should now get the 200 address you had before. If not you might need to power cycle the modem and router.

P.S. Who is your ISP? 200 addresses are typically South American ISPs.
 
Last edited:

Nesalex

Occasional Visitor
I can't get rid of the WAN IP that was set by a VPN connection that was since removed.

Background
I set up a VPN client on my RT-AC68W after installing merlin v384 (I think 384?). All was fine for awhile, but I needed to remove the VPN client to solve some issues with some hosts that block traffic from my VPN.

What I've tried
Switched off all OpenVPN clients. No effect.
Removed all VPN Client PPTP/L2TP profiles. No effect.
Power cycled modem & router in different order. No effect.
Tried switching WAN off/on from the admin interface. No effect.
Tried turning WAN off/on using a command I saw in one of the threads here. No effect.
Connected directly to modem, bypassing the router, and verified the IP address of the modem is correctly set by my ISP.
Connected back to the modem, logged in, and confirmed WAN IP was still from the old disabled VPN.
Reset (power off, hold WPS button, power on, keep holding until power led blinks) No effect.
Install new firmware 386.1_2 No effect.
Reset again (power off, hold WPS button, power on, keep holding until power led blinks) No effect.
Checked WAN IP. Still the old one.
Checked VPN client settings; I still see the data cypher and some settings on VPN Client 2. This surprised me since all other settings seemed to be reset (i.e., I had to set login info, reset SSID name and pass, etc).

I searched for similar issues from others, but the closest I could find was about release/renew the WAN IP (which I tried, to no effect).

I'm at a loss on what to do next. Why does the router keep the old VPN IP? How can I delete that for all eternity?

Much appreciated for the help/guidance.

Thanks,
Matthew
Hi. I think I had the same problem. I switched WAN from a static IP address to a PPPoe connection. In the end I had to give the factory settings of the router and since then everything works ok. Firmware version 386.1_2 RT-AC68U
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top