Domain based VPN policydoes not work on AX1800 Flint

bring.fringe18 · July 18, 2023, 5:52pm

Upstream/Public IP

Policy

Results

2023-07-18 13_46_08-ipecho.net_plain - Brave

vinnfts · July 18, 2023, 6:14pm

That’s extremely weird, I don’t know why mine does not working!

bring.fringe18 · July 18, 2023, 6:17pm

Have you disconnected & reconnected WG Client?

vinnfts · July 18, 2023, 6:46pm

I did multiple times

bring.fringe18 · July 18, 2023, 7:45pm

I’d reflash via U-boot. Nuke it all; start over. That’s all I can tell 'ya.

scumball · July 18, 2023, 10:16pm

I have the same issue on my mt2500
whatismyip.com is the only domain in the policy
Whenever I visit that site I see my ISP and ISP assigned IP

alzhao · July 20, 2023, 4:14am

@scumball and @vinnfts can you pls post screenshot as @bring.fringe18 do?

vinnfts · July 20, 2023, 5:02am

I did @alzhao
Public IP

Policy

Result here

It looks like the policy does not work although the Wireguard VPN is running successfully here

alzhao · July 20, 2023, 5:06am

You are putting the policy wrong.

You only need to put ipecho.net, not https://ipecho.net

vinnfts · July 20, 2023, 5:21am

@alzhao No, I did both, nothing worked

alzhao · July 20, 2023, 5:40am

Pls just post exact steps and results. Otherwise too difficult to check.

scumball · July 20, 2023, 5:30pm

No VPN

VPN On, one address and it WORKS

Then when I add more addresses to the list, it STOPS working again

alzhao · July 21, 2023, 1:28am

I did the same test, step by step as yours, here is the result.

Browser has DNS cache, even in Private Mode. Flush dns of Windows does not fit.
You can wait a while until your browser and windows to flush dns. Or you can use two browser, close the browse completely and open again to test.

bring.fringe18 · July 21, 2023, 1:33am

Windows 10 via Command Prompt: ipconfig /flushdns :

Successfully flushed the DNS Resolver Cache.

alzhao · July 21, 2023, 1:35am

This does not affect browser

bring.fringe18 · July 21, 2023, 1:39am

@scumball was also running traceroute within Windows so it’s better to clear the whole slate, no?

I had no issues using Brave’s Private Mode, as the screenshots show, FWIW.

alzhao · July 21, 2023, 1:40am

Do both. Flush dns of windows. Close browser and open again, using private mode.

scumball · July 21, 2023, 6:16am

Ok will retest. I also tried speedtest on my Apple TV and was seeing my ISP provider not VPN. So maybe it takes time to register on the router?

While I have your attention, do you have any ideas on my other thread.

When I run the VPN based on clients or global policy it uses my slower failover connection only and not the main active connection?

scumball · August 6, 2023, 12:11am

When using domain policy VPN on my brume2 I can see on a tracert from a connected PC that the route is going via VPN but I see no traffic on the status page and in Luci when streaming from that domain. Why would that be?

I also see when using tracert on the brume itself (SSH) that everything is going via the VPN not just the domains on the list.

Not sure this is working correctly…

Also still have an ongoing issue when using multi WAN that the VPN always defaults to the failover connection and not the default primary connection.

alzhao · September 18, 2023, 2:37am

Pls post details of your test steps and result, with screenshots.

This will be added in firmware 4.5.x