Guide: OpenVPN on a Router with AsusWRT-Merlin

PP Stephan

Staff member
This thread refers to the how-to OpenVPN on a Router with AsusWRT-Merlin. Please only post in this thread if you have questions, comments or feedback regarding this howto. To keep this thread updated and free from obsolete and redundant information, this thread will be cleaned up occasionally.
 
Last edited:
Hello,
I followed the guide to install Perfect Privacy on my Asus RT-AC86U.

Then I would like to know how I could put in place port forwarding rules to one of my devices while making sure everything is still going through the VPN tunnel.
I’ve read many things here and there but I’m a bit confused now...
My Router has IP address 10.0.0.1 and the device I would like to forward to has 10.0.0.3
Any idea how I could do that?

Ben
 
hello
tried to set up asus ax88u with pp. works ok, on wired static ip or dhcp clients. on wlan clients i have ipv6 leak,
according to ipleak.net which show me the real ipv6 (my city). i followed your tutorial (which is obsolete, now we have 384.13), adapted and worked, only change is in pbr, like in attachment. but problem remain is in all wireless clients i have ipv6 leak. please give me an advise.
asus.jpg
le: of course, 192.168.1.2 to 192.168.1.24 is reserved for static ip, 192.168.1.25 to 192.168.1.99 for dhcp. wifi client like phones, tablets, have ipv6 leak, on laptops it just disabled ipv6, on desktop, never had ipv6.
 
Last edited:
Hello. I would just use Cloudflare DNS Servers. Use them directly in the routers configuration for ipv6 and you can also use them for ipv4.

2606:4700:4700::1001
2606:4700:4700::1111
 
hello
tried to set up asus ax88u with pp. works ok, on wired static ip or dhcp clients. on wlan clients i have ipv6 leak,
according to ipleak.net which show me the real ipv6 (my city). i followed your tutorial (which is obsolete, now we have 384.13), adapted and worked, only change is in pbr, like in attachment. but problem remain is in all wireless clients i have ipv6 leak. please give me an advise.
View attachment 1976
le: of course, 192.168.1.2 to 192.168.1.24 is reserved for static ip, 192.168.1.25 to 192.168.1.99 for dhcp. wifi client like phones, tablets, have ipv6 leak, on laptops it just disabled ipv6, on desktop, never had ipv6.

maybe you have a look over here for the config:
https://board.perfect-privacy.com/threads/asus-rt-ax88u.3573/
 
thank you. the only setting changed, in the firewall: enable network services filter to yes.
thank you
best regards.
 
Try to disable IPv6 under "Custom Configuration".

Add the following lines:
Code:
pull-filter ignore "ifconfig-ipv6"
pull-filter ignore "route-ipv6"
 
I followed the guide and when I check for dnsleak i see the Cloudflare DNS addresses (which I use instead of the one from my ISP). Shouldn't I see the VPN's dns or is it still safe as the DNS requests are coming from VPN?

- In VPN Settings on Asus-Merlin i set: Accept DNS Configuration "Exclusive". If i set to strict it will use the VPN for my normal connections without vpn (what i not want).

Edit:
What i found out:
- I set in Asus-Merlin: LAN->DHCP-Server to 192.168.1.22 (PiHole). Now the behaviour seems that the OpenVPN connection in Asus-Merlin not use the dns from OpenVPN. Instead it uses my 192.168.1.22 (PiHole) which points to Cloudflare as Upstream dns. Shouldn't it use the VPN dns? So for the moment I set in Asus-Merlin under LAN->LAN - DHCP-Server the DNS server for this specific device to my asusip (192.168.1.1), before i only assigned manually the ip there.

But I'm still wondering why DHCP assign the 192.168.1.22 when using a VPN and not use the VPN dns.

Thanks!
Dex
 
Last edited:
I followed the guide and when I check for dnsleak i see the Cloudflare DNS addresses (which I use instead of the one from my ISP). Shouldn't I see the VPN's dns or is it still safe as the DNS requests are coming from VPN?

- In VPN Settings on Asus-Merlin i set: Accept DNS Configuration "Exclusive". If i set to strict it will use the VPN for my normal connections without vpn (what i not want).

Edit:
What i found out:
- I set in Asus-Merlin: LAN->DHCP-Server to 192.168.1.22 (PiHole). Now the behaviour seems that the OpenVPN connection in Asus-Merlin not use the dns from OpenVPN. Instead it uses my 192.168.1.22 (PiHole) which points to Cloudflare as Upstream dns. Shouldn't it use the VPN dns? So for the moment I set in Asus-Merlin under LAN->LAN - DHCP-Server the DNS server for this specific device to my asusip (192.168.1.1), before i only assigned manually the ip there.

But I'm still wondering why DHCP assign the 192.168.1.22 when using a VPN and not use the VPN dns.

Thanks!
Dex

The DNS Test should show up "serverx.perfect-privacy.com".
If your using other Settings for DNS then you maybe get a Leak.
The Config above is to route "all" Traffic through VPN.
 
Back
Top