1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

VPN - TOR: How flexible can you get with how a client connects?

Discussion in 'Asuswrt-Merlin' started by ADFHogan, Dec 7, 2018.

Tags:
  1. ADFHogan

    ADFHogan Occasional Visitor

    Joined:
    Nov 9, 2016
    Messages:
    36
    Hey folks,

    Tried fiddling with the TOR settings in my RT-AC5300 a few times, and never quite get the result I expect. It seems to always want to redirect EVERYTHING through TOR.

    I even tried putting in a dummy MAC address, and setting "Redirect all user from: Only specified MAC" and it still wanted to send everything through.

    I wondered if anyone had any suggestions around the TOR provided by the router..
    Eg. Is it possible to have it set up such that it's just providing a SOCKS port you can point browser at if you so choose, rather than all traffic?

    I understand that there can be app level leaks depending on how DNS resolution is done, and how the client is configured... but I also don't necessarily want to get Windows Updates via TOR :)

    Happy to RTFM if there's some doco hiding somewhere for AsusWRT(-Merlin) that explains how to do something other than just "EVERYTHING!"

    Currently running RT-AC5300 on 384.8
     
  2. Fitz Mutch

    Fitz Mutch Senior Member

    Joined:
    May 27, 2016
    Messages:
    471
    Location:
    Portsmouth
  3. wesbez

    wesbez Regular Contributor

    Joined:
    Jun 18, 2016
    Messages:
    93
    Not sure why the MAC address doesn’t work for you. If you use a vpn service on the client and combine it with Tor (on the router), the apps wont leak dns.
     
  4. ADFHogan

    ADFHogan Occasional Visitor

    Joined:
    Nov 9, 2016
    Messages:
    36
  5. ADFHogan

    ADFHogan Occasional Visitor

    Joined:
    Nov 9, 2016
    Messages:
    36
    Do you have a screen shot of your TOR config perhaps, with personal details redacted?

    Can I, for example, wrap an app in proxychains and force it over SOCKS to router TOR proxy port?
     
  6. Fitz Mutch

    Fitz Mutch Senior Member

    Joined:
    May 27, 2016
    Messages:
    471
    Location:
    Portsmouth
    For Windows PCs that route all traffic through the Tor network, you can turn on Windows Update Delivery Optimization in Windows 10, to allow downloads from other PCs on the local network.
    WindowsUpdateDeliveryOptimization.jpg



    For corporate enviroments running Windows Server 2016, the Windows PCs would configure Local Group Policy (gpedit.msc) to download updates from a WSUS server on the local network.
    https://en.wikipedia.org/wiki/Windows_Server_Update_Services
    WindowsUpdateIntranetService.jpg
     
    Last edited: Jan 13, 2019