I typically use OpenVPN while traveling but I wanted to give ShadowSocks a try. I’ve got a ShadowSocks server running on a router at home and I’ve verified it to be working using a ShadowSocks client on my phone. I cannot however get my AR300M to connect. I’m running the 2.264 firmware.
In the Advanced router settings I’ve gone in to the “Services / ShadowSocks” tab but at that point I’m a bit lost on how to configure. I tried going in to “Server Manage” and added the connection info to my home router (leaving “Direct Key”, “Plugin Name”, and “Plugin Arguments” blank).
Back in “General Settings” I can now select the Alias I created in the “Transparent Proxy”, “Socks5 Proxy” and “Port Forward” sections (do I need all three? Just one?) and it will show all these as “Running” on the top of the screen.
In the “Transparent Proxy” section it then shows the “UDP-Relay Server” as “Unusable - Missing iptables-mode-tproxy or ip”. Not sure if this is a problem or not…
I can see that the process is running in the Status: ss-redir -c /var/etc/shadowsocks.cfg0a4a8f.json -l 1234 --mtu 1492 -f /var/run/ss-redir-cfg0a4a8f.pid
Viewing /var/etc/shadowsocks.cfgoa4a8f.json lists:
“server”: “(my home server IP)”, <— edited out my home IP
“password”: “xxxxxx”, <---- edited out my password
Still does not seem to connect… Any suggestions?
Can you only config transparent proxy and try?
I think I got it working (and only used transparent proxy). When Transparent Proxy is OFF using https://www.dnsleaktest.com/ I see my location as the city my hotel is in. When Transparent Proxy is ON it shows my home city in another part of the country.
I solved the error of the UDP Relay Server by installing the <span style=“color: #222222; font-family: source_sans_proregular, ‘Helvetica Neue’, Arial, Helvetica, Geneva, sans-serif; font-size: 14.6667px;”> </span><span style=“color: #222222; font-family: source_sans_proregular, ‘Helvetica Neue’, Arial, Helvetica, Geneva, sans-serif; font-size: 14.6667px;”>ptables-mode-tproxy package from the app repo. </span>
So it appears to be working! MUCH faster than OpenVPN on this router… nearly the same speed as the hotel’s connection without a proxy server. The only difference than when I run a client on my phone is I cannot access my home router’s config page using the AR300M client. On my phone if I enter my home router’s LAN IP Address I can connect to the configuration menu. I cannot do this using the AR300M.
Other than the DNS Leak test page is there any other way I can verify I’m secure?
Another update on this… Running a DNS leak test shows that my DNS is leaking… My IP address is based from my home router but the DNS is from the hotel I’m in.
How do you fix a DNS leak with Shadowsocks?
@LostDog, you need to enable dns-forwarder to protect DNS.
First, enable DNS-Forwarder. Please use your Shadowsocks’s DNS server.
Now change DNS resolve to dns-forwarder. In the following picture, change port 5353 to 5300 as above.
Disable local DNS resolve