Jack Yaz
Part of the Furniture
The original script might have started from there (don't remember tbh!), but its moved on a lot since then!
YazFi YazFi - enhanced AsusWRT-Merlin Guest WiFi inc. SSID <-> VPN Client
- Thread starter Jack Yaz
- Start date
Jack Yaz
Part of the Furniture
It should append to the list, does it happen every time you run YazFi? Please provide replication steps and I will test here.
It resets every time the script runs. I have an ip under destination on Client 1.
Code:
YazFi: YazFi v2.2.0 starting up
YazFi: wl0.1 passed validation
YazFi: wl1.1 passed validation
YazFi: wl21_ENABLED is blank, setting to false
YazFi: wl22_ENABLED is blank, setting to false
YazFi: wl23_ENABLED is blank, setting to false
YazFi: wl0.1 (SSID: 51) - VPN redirection enabled, sending all interface internet traffic over VPN Client 2
YazFi: wl1.1 (SSID: 51) - VPN redirection enabled, sending all interface internet traffic over VPN Client 2
YazFi: VPN Client 1 client list has changed, restarting VPN Client 1
YazFi: YazFi v2.2.0 completed successfullyJack Yaz
Part of the Furniture
Can you send me a screenshot of your rules for client 1 please? Also which router model and f/w?
Running ac86u on 384.5.
At the moment i am not routing a ssid over this client. I only input proxy under dest. 10.8.0.1
Attachments
Jack Yaz
Part of the Furniture
Which rules should be in there please? I suspect I've spotted the problem, going to check now.
HuskyHerder
Senior Member
@Jack Yaz
Did I miss something? well evidently ? Scratches head ?
I am rather fastidious about my setup this is my entry for my policy route setup.
Each time YazFi starts it adds in this entry,
I am not necessarily against it. However seems kinda problematic because I may change my route rule to WAN instead of VPN and forget to change the config file... Which one would win in this scenario?
Dont get me wrong, I think it could be useful, its just I think this might be something that the end user could select to have YazFi auto configure. But then again we get into the whole user has to many options debate. But to that I would say all of use here are not your average set of users.
Just thinking out loud here.
Did I miss something? well evidently ? Scratches head ?
I am rather fastidious about my setup this is my entry for my policy route setup.
Each time YazFi starts it adds in this entry,
I am not necessarily against it. However seems kinda problematic because I may change my route rule to WAN instead of VPN and forget to change the config file... Which one would win in this scenario?
Dont get me wrong, I think it could be useful, its just I think this might be something that the end user could select to have YazFi auto configure. But then again we get into the whole user has to many options debate. But to that I would say all of use here are not your average set of users.
Just thinking out loud here.
Last edited:
That was fast! was editing above
.Attachments
Jack Yaz
Part of the Furniture
I wonder if the blank description is throwing it off. Can you enter a description and let me know if it still gets wiped?That was fast! was editing above
EDIT: That being said, 0.0.0.0 will surely route everything, including guest wifi?
Last edited:
Jack Yaz
Part of the Furniture
Originally it showed the SSID but since users could put in a lot of different characters, it would prove tricky to validate it. So I opted for a fixed format of 2.4/5GHz Guest Network X (that change was some time ago now!)@Jack Yaz
Did I miss something? well evidently ? Scratches head ?
I am rather fastidious about my setup this is my entry for my policy route setup.
View attachment 13333
Each time YazFi starts it adds in this entry,
View attachment 13335
I am not necessarily against it. However seems kinda problematic because I may change my route rule to WAN instead of VPN and forget to change the config file... Which one would win in this scenario?
Dont get me wrong, I think it could be useful, its just I think this might be something that the end user could select to have YazFi auto configure. But then again we get into the whole user has to many options debate. But to that I would say all of use here are not your average set of users.
Just thinking out loud here.
No change, still resets.
I am curious about "YazFi: VPN Client 1 client list has changed, restarting VPN Client 1"
No SSID is using VPN-client 1 at the moment. Does it reset because of this?
Jack Yaz
Part of the Furniture
For whatever reason, the "original list" being read in (so your rules), is not matching the "new list". But as you say, no YazFi is pointing at client 1, so there should be no difference on the list.
To confirm steps:
1) Set up VPN Client 1 with your proxy rule
2) Run YazFi
3) Client list 1 "changes" so restarts
(do you get the "setting to false" each run as well?)
HuskyHerder
Senior Member
@Jack Yaz
What I found is if, I have a route rule in place it will supersede any rule you place in the list.
Testing:
I removed your entry.
Removed mine and re added to point to WAN
I then ran YazFi to allow the rule to re generated from the script. Which specifies VPN.
It was regenerated as expected.
Data:
All traffic follows my rule because it is first in the list.
At this point if I remove my rule, and click apply 5 times in the GUI, (I tried) I cannot force traffic back over your rule using the VPN until I manually re run YazFi. This is also restarting the device wifi, and refreshing the IP anything I could think of that would maybe shake the cob webs loose.
May be worth checking if the route exists and falling back to user set route. Of course I could see issues with that too. Hmm,
What I found is if, I have a route rule in place it will supersede any rule you place in the list.
Testing:
I removed your entry.
Removed mine and re added to point to WAN
I then ran YazFi to allow the rule to re generated from the script. Which specifies VPN.
It was regenerated as expected.
Data:
All traffic follows my rule because it is first in the list.
At this point if I remove my rule, and click apply 5 times in the GUI, (I tried) I cannot force traffic back over your rule using the VPN until I manually re run YazFi. This is also restarting the device wifi, and refreshing the IP anything I could think of that would maybe shake the cob webs loose.
May be worth checking if the route exists and falling back to user set route. Of course I could see issues with that too. Hmm,
Confirmed
I am getting"setting to false" on each run.
Skipping the proxy rule and running YazFi removes message
"YazFi: VPN Client 1 client list has changed, restarting VPN Client 1"
Jack Yaz
Part of the Furniture
Screenshot please just so I can check I'm following.
So even with YazFi rule as the only rule in the table, it doesn't go to VPN? (FYI I'm just automatically creating GUI entries for the firmware/Merlin's policy routing)
I suspect this might be something I've noticed, if a VPN client is restarted then some routing vanishes. Quick fix is add a call to YazFi in openvpn-event. Can you copy the line from firewall-start to openvpn-event and see if you can recreate your issue please?
Jack Yaz
Part of the Furniture
Setting to false is because of an older version of config file, which as it turns out is a red herring for your issue. (I recommend grabbing the latest one from the Github repo in post#1 anyway to remove that warning).
Can you try a rule routing a specific IP to your proxy, rather than from 0.0.0.0, and see what happens there? I can't test 0.0.0.0 right now as my wife would kill me if I bring down the internet
Living on the edgeSetting to false is because of an older version of config file, which as it turns out is a red herring for your issue. (I recommend grabbing the latest one from the Github repo in post#1 anyway to remove that warning).
Can you try a rule routing a specific IP to your proxy, rather than from 0.0.0.0, and see what happens there? I can't test 0.0.0.0 right now as my wife would kill me if I bring down the internet
Specific IP made no difference. I will try changing config file and report back.
Quick question: Is it possible to use same dhcp range for an SSID running on both 2,4 and 5 G ?
Jack Yaz
Part of the Furniture
Not in the current implementation. (it's on my list to consider, would require setting up bridges rather than individual interfaces. Not difficult, but then need to update eapd to let us authenticateLiving on the edge
Specific IP made no difference. I will try changing config file and report back.
Quick question: Is it possible to use same dhcp range for an SSID running on both 2,4 and 5 G ?
Jack Yaz
Part of the Furniture
Can I get a screeny of client 2 policy rules too please?Living on the edge
Specific IP made no difference. I will try changing config file and report back.
Quick question: Is it possible to use same dhcp range for an SSID running on both 2,4 and 5 G ?
Similar threads
Similar threads
Similar threads
-
YazFi YazFi Guest Network unable to access Pi-Hole DNS server
- Started by buzzy
- Replies: 22
-
-
Yazfi: VPN Server for guest network access only
- Started by boomstick3289
- Replies: 10
-
Make IoT devices on one-way-to-guest YazFi VLANs discoverable on main LAN
- Started by treefrog
- Replies: 5
-
YazFi Can/Should YazFi be installed on external USB drive?
- Started by noob1
- Replies: 2
-
-
-
-
Skynet Is skynet active on guest networks? (without the use of YazFi, etc)
- Started by JTnola
- Replies: 1
-
Latest threads
-
-
-
-
-
ASUSwrt DNSMASQ service can't be restarted
- Started by pseu_asus
- Replies: 1
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!