1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

VPN server location with Asuswrt-Merlin

Discussion in 'Asuswrt-Merlin' started by aquila, May 29, 2020.

  1. aquila

    aquila New Around Here

    Joined:
    May 29, 2020
    Messages:
    6
    Hi there,
    I am not sure if you are curious about my topic, but, this problem I think may be a serious problem not only for me but anybody else, so would like to ask you guys to give me an advice.
    • My system : Windows 8.1
    • Router : RT-AC86U
    • Asuswrt-Merlin version : 384.17(the latest one, but the former version also experienced this issue)
    symptom : Merlin firmware does appear to cause problems with selection of VPN server locations.(see the attached for the details)

    It may be a VPN supplier's problem, but I've seen this phenomenon with two different VPN suppliers at the same time, so I want you to know the current situation.

    Description : only the first(no.1) client instance(my selection of VPN server location) works properly, other number 2 ~ 5 instance does not allow any devices under router to be connected to the public internet.
    This situation does not always appear, so I assume some configuration or function conflicts may inflict this symptom.

    That is to say, if I choose the first instance as my server location, it does work fine, without any problem to connect to the internet for all of my devices connected to that router.
    But , for the rest of the instances, even if I've set up exatly the same configuration for each server location, they just connect to the VPN server but do not allow any devices under that router to be connected to the public internet.

    As a result, only no.1 instance(the first server location) could lead any VPN device to the public internet. It does not matter which server is chosen for the numbers(1~5), only number 1 server works well in all cases.(again I checked with two different VPN suppliers for this, so the possibility that two suppliers malfunction is extremely low)

    So I am not sure if my case just appears to me or anybody else, so I try to search forum, but nothing appears.
    That said If you give me any advice for this situation, it would be highly appreciated.

    Thanks and take care.
     

    Attached Files:

    • 1..png
      1..png
      File size:
      138.4 KB
      Views:
      65
  2. CaptainSTX

    CaptainSTX Part of the Furniture

    Joined:
    May 2, 2012
    Messages:
    2,555
    It could be an issue with your VPN provider as I don't experience similar issues.

    Currently I am running two VPN clients on PIA (1 & 3 ) and testing StrongVPN on #4.

    The VPN tunnels stay connected and reconnect when the router reboots. I have switched between several servers particularly when using PIA and never had an issue. I usually switch if I think there is a congestion issue or I have a need to connect using a server in a particular country.

    I now only use the open VPN files provided by the commercial VPN provider. Just upload and a user name and password if required then start. In the past I used to make some recommended/ suggested tweaks but based on my experience they made no difference in performance.

    Be sure you are using current OVPN files as older ones may not work. If your VPN provider has a VPN configurator generate the OVPN files that way.

    Have you tested switching countries by running a VPN app from your providor on your PC and making the switch and seeing what happens?
     
    dosborne likes this.
  3. aquila

    aquila New Around Here

    Joined:
    May 29, 2020
    Messages:
    6
    Thanks for your consideration.

    At first, it worked perfectly as yours did. But now that since I've used two of paid VPN providers(that is PerfectPrivacy and ExpressVPN), I have had two times of this phenomenon(Acutually this time is the second one).
    (which means between router and VPN server authentication and connection have no problem, even public IP and local IP are assigned, but VPN devices under that router can not access the internet)

    Like you I usally use ovpn files on router dashboard rather than the provided or dedicated apps/firmware instead.(I prefer Asuswrt-Merlin :))

    And I fully agree with your perspective, as older ovpn files may malfuction due to the closure of the server etc. So I tried out the lastest fresh-new ovpn files just to be sure for all of the server configurations.

    On top of that I've tested switching different countries accross the world(From US, Europe, to far east Asia like Seoul and Tokyo) with different VPN providers, and the result is always the same.(Only no.1 slot works)
    So I arguably confirmed server location and VPN provider do not change the result.

    * Please note that I have my focus on the Router, not the appilcation app on the desktop, in fact desktop app always works fine with different locations, which means VPN server itself is alive and healthy.

    One interesting thing I have found is;
    • Even I select a single location for all of the slots I have in the client window,(no.1 ~ 5 all have same location ex. Tokyo), ONLY number 1 server location works!
    • So I have to say server location or VPN server is unlikely to be the factor inflicting this kind of phenomenon I think.

    Anyway, I am currently using only number 1 slot, and just change it to any location, had it a congestion or bandwidth problem.

    Thanks for your care, and I hope someday this problem be resoloved by our users like others did. Stay safe.
     
    Last edited: May 30, 2020
  4. Ro berto

    Ro berto Regular Contributor

    Joined:
    Mar 28, 2019
    Messages:
    140
    Location:
    Germany
  5. aquila

    aquila New Around Here

    Joined:
    May 29, 2020
    Messages:
    6
    Hi there,
    Thanks for your suggestion.
    I checked your last thread, finding it seemed a little differ from my case though.

    In your case, you appear to try out multiple connections at the same time, while in my case I usally use just one connection with other clients disabled.

    On top of that, as I described above, I have two VPN suppliers with different server configurations and of course different ports and subnets for the local IP assigned by the VPN tunnel.
    This leads me to believe that what causes this issue is not the configuration or setting , but the router per se.

    So in my case, things do not change as to the fact that only first OpenVPN client(No.1 client) works even creating same configurations into all of 5 clients.

    Anyhow thanks for your taking into considerations.

    Take care.
     
    Last edited: Jun 2, 2020
  6. aquila

    aquila New Around Here

    Joined:
    May 29, 2020
    Messages:
    6
    I finally found the makeshift solution on this, and reproduce this matter.
    My firmware version is 384.17_0(the latest one), so I reprogrammed it with same one, and it allows router to fix the problem temporarily.(Indeed, I can use any of the clients 2~5 immediately)

    The reason for the "temporarily" term I used is that after switching my client over to another, then my router falls into the same situation.(only No.1 Client working with others disabled, each of No.2~5 Not working with others disabled).

    Please note that I've two of seperate networks tested with different physical locations with same router model, seeing that the situation is exactly the same.

    I hope this temporary solution could help those who stumble over the same situation with me, and lead to the improvements.

    Thanks.
     
    Last edited: Jun 2, 2020
  7. Opasen

    Opasen Occasional Visitor

    Joined:
    Apr 19, 2019
    Messages:
    11
  8. aquila

    aquila New Around Here

    Joined:
    May 29, 2020
    Messages:
    6
    Thanks for your advice.

    I've your info checked, but figured out it was a bit differerent to my case. In fact that post was about 2 years ago, subsequently the kill swith manu seems changed.
    (e.g. "Start with WAN" not exist anymore, "Block routed clients if tunnel goes down" is probably the only option left to be abled to use for kill swich)

    It was very interesting though, for I didn't know there are priorities between client instances when it comes to kill switch.
    But it wouldn't work for me either, even though I've played around with serveral changes.

    What I have tried includes;
    - Change the kill switch (Block routed clients if tunnel goes down) ; just enable it only on the active client instance at a time with others disabled.
    - To configure router(192.168.1.1) to be routed through the WAN, whereas other LAN clients to be routed through VPN.

    Previously I'd enabled the kill swtich at all profiles(client instances), and it worked in a way that just one instance(profile) is activated at a time.
     
    Last edited: Jun 8, 2020
  9. Opasen

    Opasen Occasional Visitor

    Joined:
    Apr 19, 2019
    Messages:
    11
    I was only referencing the linked post, not the whole thread. From my understanding it was the placement of your kill switch that was causing you issues.

    How many OpenVPN clients have you setup?
     
  10. aquila

    aquila New Around Here

    Joined:
    May 29, 2020
    Messages:
    6
    Do you mean client instances?

    I have set up 5 of OpenVPN client instances.

    But, I have switched only one client instance ON at a time with others OFF.

    Ex.)
    [ON] instance 1
    [off] instance 2
    [off] instance 3
    [off] instance 4
    [off] instance 5
     
  11. Opasen

    Opasen Occasional Visitor

    Joined:
    Apr 19, 2019
    Messages:
    11
    What's you ideal goal? Are you happy enabling a VPN Client one at a time or do you prefer to have multiple clients running?

    Since you have 5 clients configured maybe place the kill switch on Client 5 only. If no clients are running the kill switch will still be enforced.